Part 11. Disclosure, Communications, and Liaison
Chapter 51. Large Business and International Communications
Section 1. LB&I Audit Program Process for TIGTA and GAO
11.51.1 LB&I Audit Program Process for TIGTA and GAO
Manual Transmittal
February 21, 2023
Purpose
(1) This transmits revised IRM 11.51.1, Large Business and International Communications, LB&I Audit Program Process for TIGTA and GAO.
Material Changes
(1) IRM 11.51.1.1: changed policy owner to “LB&I Policy under the Strategy, Policy and Governance office in the Assistant Deputy Commissioner Compliance Integration organization.”
(2) IRM 11.51.1.1.1: made TIGTA Background and GAO Background subsections.
(3) IRM 11.51.1.1.2: added content for Authority.
(4) IRM 11.51.1.1.3: changed title to Roles and Responsibilities.
(5) IRM 11.51.1.1.3.6: clarified language for the LB&I Audit Lead role.
(6) IRM 11.51.1.1.4: added content for Program Management and Review.
(7) IRM 11.51.1.1.5: added content for Program Controls.
(8) Reviewed and updated website addresses, legal and IRM references.
(9) Editorial changes made throughout.
Effect on Other Documents
This IRM supersedes IRM 11.51.1, Large Business and International Communications, LB&I Audit Program Process for TIGTA and GAO, dated May 10, 2021.
Audience
LB&I managers and employees working on TIGTA or GAO audits.
Effective Date
(02-21-2023)
Theodore D. Setzer
Assistant Deputy Commissioner Compliance Integration
Large Business and International Division
Program Scope and Objectives
(1) Purpose: This IRM provides guidelines and procedures for Large Business & International (LB&I) managers and employees working and coordinating Treasury Inspector General for Tax Administration (TIGTA) and Government Accountability Office (GAO) audits with functional areas within and outside LB&I. The procedures cover the audit process from the open audit phase to the tracking and implementation of audit recommendations and corrective actions to ensure an effective and timely management of the audit process.
(2) Audience: LB&I managers and employees working on TIGTA or GAO audits.
(3) Policy Owner: LB&I Policy under the Strategy, Policy and Governance office in Assistant Deputy Commissioner Compliance Integration organization.
(4) Program Owner: The Audit and Legislative Liaison (ALL) team within Program Planning, Coordination and Analysis in Program and Business Solutions.
(5) Primary Stakeholders: Stakeholders include LB&I management, LB&I functional coordinators and liaisons, and TIGTA and GAO personnel.
(6) TIGTA and the GAO conduct annual audits and fulfill congressional requests of studies which review and evaluate IRS operations. Audit reports are issued and may contain recommendations for improvements. TIGTA and GAO reviews help identify operational and administrative weaknesses and improve tax administration and are given high priority by the IRS. The reviews are usually available on their websites for public access.
Background
(1) The TIGTA and the GAO regularly monitor the Internal Revenue Service (IRS) to ensure the IRS:
Carries out its operations effectively and efficiently.
Follows reliable financial reporting.
Complies with applicable laws and regulations.
TIGTA Background
(1) The IRS Restructuring and Reform Act of 1998 (RRA 98) established TIGTA to provide independent oversight of IRS activities. As mandated by RRA 98, TIGTA assumed most of the responsibilities of the IRS’s former Inspection Service.
(2) TIGTA consists of mainly auditors and investigators who focus on the duties and responsibilities of the Inspector General for Tax Administration. Organizationally, TIGTA is placed within the Department of the Treasury, but it is independent of the Department and all other Treasury offices, including the Treasury Office of the Inspector General (OIG).
(3) TIGTA focuses on all aspects of tax administration. Its audit activities include:
Promoting economy, efficiency, and effectiveness in administering the nation’s tax system.
Detecting and preventing fraud, abuse, and deficiencies in IRS programs and operations.
Offering recommendations about existing and proposed legislation and regulations related to IRS programs and operations.
Ensuring compliance with applicable laws and regulations.
Informing the Secretary of the Treasury and Congress of problems and the progress the IRS is making to resolve them.
(4) The TIGTA Office of Audit identifies opportunities to improve tax administration by conducting comprehensive, independent performance and financial audits of IRS programs, operations, and activities.
(5) The Audit Program consists of reviews mandated by statute or regulation, as well as reviews identified through the annual audit planning and evaluation process. The TIGTA Office of Audit strategically evaluates IRS programs, activities, and functions so the IRS can direct its resources to the areas of highest vulnerability. TIGTA presents its audit program in the Annual Audit Plan, which it publishes at the beginning of each fiscal year.
For additional information see TIGTA's website: www.treas.gov/TIGTA.
GAO Background
(1) The GAO is an independent, nonpartisan agency that works for Congress. It gathers information to help Congress determine how well executive branch agencies are doing their jobs. The GAO answers questions such as whether government programs are meeting their objectives or providing good service to the public. Ultimately, the GAO ensures that the government is accountable to the American people. To that end, the GAO provides senators and representatives with the best information available to help them make informed policy decisions. The GAO supports congressional oversight by:
Evaluating how well government policies and programs are working.
Auditing agency operations to determine whether federal funds are being spent efficiently and effectively.
Investigating allegations of illegal and improper activities.
Issuing legal decisions and opinions.
(2) The GAO's final report meets short-term needs for information on a wide range of government operations. These reports also help the Congress better understand emerging, long-term issues with potentially far-reaching effects.
(3) For additional information see the GAO's website at www.gao.gov.
Authority
(1) Treasury Order 115-01, dated January 14, 1999, provides TIGTA authority and access to IRS information.
(2) GAO-05-35G, dated October 21, 2004, GAO’s Agency Protocols, contains protocols that govern the U.S. GAO’s work with the executive branch agencies.
Roles and Responsibilities
(1) The following describes the roles and responsibilities of:
Enterprise Audit Management (EAM)
Legislative Affairs
Program and Business Solutions (PBS) and Technology & Program Solutions (TPS)
LB&I audit liaisons
LB&I functional coordinators
LB&I audit leads (program managers and subject matter experts)
LB&I executives
Enterprise Audit Management
(1) Enterprise Audit Management (EAM) is responsible for:
Serving as the Servicewide single point of contact (SPOC) for GAO and TIGTA audits and inspections and evaluations.
Liaising between the IRS and GAO and TIGTA when addressing significant issues that arise during an audit.
Providing guidance and support to business units on the audit process, including post audit tracking and monitoring of planned corrective actions (PCAs).
Identifying audit stakeholders and assigning audit ownership, based on input from the business units.
Transmitting audit notifications, engagement letters, draft reports, final audit reports, or other audit-related documents to the appropriate offices.
Providing input to the business units as they develop responses to audit reports.
Monitoring the timeliness of IRS audit responses to ensure due dates are met.
Updating and maintaining the Enterprise Audit Database that documents and makes available important information about each open audit..
Elevating significant issues, concerns, audit findings, or related matters through the management chain to appropriate IRS leadership for information and action.
Retaining audit records per appropriate records retention requirements issued by the National Archives and Records Administration (NARA). See the IRM 1.15 series, Records and Information Management.
Facilitating audits throughout the audit lifecycle, from audit initiation through the reporting phases and post-audit tracking and monitoring of PCAs.
Monitoring the status of PCAs, validating the documentation submitted by business units to close PCAs, and ensuring record keeping via the Joint Audit Management Enterprise System (JAMES) once the final audit reports are issued.
Legislative Affairs
(1) Legislative Affairs is responsible for:
Facilitating the 180-Day Letter approval process with the business units, including routing the 180-Day Letter package to the Deputy Commissioners or Commissioner for signature and mailing the 180-Day Letter responses to Congress.
Establishing the e-Trak control for 180-Day Letters upon the issuance of the final report by GAO and providing it to EAM for tracking.
Note: The 180-Day Letter process was formerly referred to as the 60-Day Letter process. However, the Good Accounting Obligation in Government Act (P.L. 115-414, January 3, 2019) amended 31 USC 720(b) to increase the timeframe to 180 days.
Program and Business Solutions / Technology and Program Solutions
(1) The role of Program and Business Solutions (PBS) is to support in the delivery and accomplishment of its mission, goals, and priorities by providing quality, timely, and effective services in several areas, including the Office of Technology and Program Solutions (TPS).
(2) TPS is the owner of the LB&I TIGTA/GAO Audit Program and houses Program Planning Coordination & Analysis (PPCA)
LB&I TIGTA/GAO Audit Liaison
(1) The LB&I audit liaison is responsible for managing the LB&I inventory of TIGTA and GAO research projects and open audits and coordinating audit work with pertinent functional areas within and outside of LB&I. The audit liaison also coordinates requests for suggestions for TIGTA’s Annual Audit Plan with managers in LB&I.
(2) The LB&I audit liaison’s role is to:
Act as the primary point of contact for LB&I during the open audit process and track all research projects and audit inquiries from auditors.
Review TIGTA and GAO audit documents forwarded from EAM, such as engagement letters and audit reports and prepare transmittals to guide the appropriate offices within and outside LB&I (for cross-functional audits) on what actions are needed.
Forward engagement letters, briefings or audit reports, and any other audit-related documents such as inquiries received from TIGTA or GAO to the appropriate offices within and outside LB&I to request responses and status updates.
Schedule and facilitate LB&I pre-audit briefings for new LB&I lead audits before the opening conference.
Schedule and participate in audit openings, progress updates, midpoint briefings and closing conferences for assigned LB&I audits.
Participate at opening and closing conferences for assigned non-lead audits.
Answer inquiries, provide guidance, and resolve problems encountered during the open audits from managers, other audit liaisons, and functional coordinators.
Encourage the executive owner(s), and program manager(s) for each audit attend the opening conference to adequately address concerns with the audit objectives early in the audit process and the closing conference to provide comments about the recommendation(s) before TIGTA or GAO issues the draft report.
Help ensure timely management responses to auditors' inquiries and draft audit reports by answering or forwarding inquiries to the appropriate functional coordinators.
Monitor the Information Document Request (IDR) for the audit which includes audit inquiries and responses.
Review responses to draft audit reports before forwarding them for approval.
Maintain a SharePoint database to track the open audit inventory and keep detailed information on the audit progress.
Act as liaison between management and TIGTA or GAO on the resolution of problems encountered during the open audits.
Coordinate draft management responses until they have been signed and closed in e-Trak.
Prepare a signature package template with the review timeline for management responses and forward it to the functional coordinator.
Create SharePoint folders for each open audit and upload key documents, such as the engagement letter, discussion draft report, draft report, management response to the draft report, final report, and 180-Day Letters (only upon request from the audit lead).
Brief executives on the status of the open inventory (e.g., through the quarterly Business Performance Review (BPR) and audit inventory reports).
LB&I Functional Coordinators
(1) The LB&I functional coordinator is responsible for coordinating the LB&I inventory of TIGTA and GAO open audits, including TIGTA audit planning, with pertinent functional areas within and outside their functional area, including other LB&I functions and business operating divisions.
(2) The role of the LB&I functional coordinator in the audit process is to:
Act as the primary point of contact for their functional area during the audit process.
Be familiar with IRMs related to the disclosure of taxpayer information to TIGTA and GAO and the accounting and reporting of this information to the Disclosure Office.
Forward engagement letters, audit reports, and any other audit-related documents received from the LB&I audit liaison to the appropriate offices within and outside their functional area, as needed, to request responses and status updates.
Participate in audit openings, research, progress updates, and closing conferences.
Serve as or identify a note-taker for each of the conferences above and share meeting notes with the LB&I audit liaison within three business days.
Maintain the IDR for the audit which includes audit inquiries and responses.
Monitor all audit planning and audit inquiries from auditors to ensure that responses are timely.
Review audit-related documents received from the LB&I audit liaison or audit teams, such as inquiries received and request for comments on audit reports, and coordinate with the appropriate offices within and outside their functional area, such as other functional coordinators in LB&I and audit liaisons outside LB&I, as needed.
Collect responses, review for completeness and forward responses to the audit liaison for submission to TIGTA or GAO.
Respond to inquiries or audit reports to the director or executive owners for the audits. Secure the necessary reviews and approvals from the management chain before submitting responses to requesters (e.g., auditors, LB&I audit liaison, or audit liaisons from another lead stakeholder organization).
Keep the executive owner, designee, and applicable program manager(s) abreast of audit developments to address concerns, as deemed necessary.
Answer inquiries from managers in their area about the status of the assigned open audits.
Act as liaison between management and LB&I audit liaison on the resolution of problems encountered during the open audits.
Act as liaison between functional area management and audit teams to clarify audit inquiries and request extension of due dates during the fieldwork phase.
Ensure the executive owner (e.g., director or designee) and program manager(s) for each audit attend the opening, research, progress update, and closing conferences to address concerns in the audit process dealing with potential audit findings and recommendations.
Assist the designated executive owner or program manager(s) in their area with the timely preparation and coordination of comments or responses to discussion drafts (TIGTA) or statements of facts (GAO), draft reports, and GAO final reports with recommendations.
Share copies of approved report comments and responses to draft reports and 180-day letters with the audit liaison by the due date provided.
Ensure that the director or program manager for the audit seeks concurrence from the audit team during the closing meeting on revisions to the discussion draft or statement of facts audit reports.
Help ensure timely management responses to draft audit reports by promptly assisting the program managers with the drafting of the management responses, coordinating comments received from managers within and outside their functional area and forwarding initial draft management response to the appropriate managers (e.g., senior manager, director) for review and comments before forwarding the draft responses by the given due dates to the LB&I audit liaison for additional review and processing.
Review management responses prepared by their functional area for proper format, sentence structure, and grammar before submitting to audit liaison.
Maintain files on each open audit with related documents, including the engagement letter, audit reports, and management responses to the draft reports.
Forward periodic or monthly audit inventory reports with pertinent managers in their functional area, as deemed appropriate by the functional area.
LB&I Audit Lead
(1) The LB&I audit lead’s role is to:
Identify the appropriate SME(s). The SME’s name(s) should be provided to the functional coordinator and the audit liaison.
Become familiar with the issues addressed during the open audit and in discussion draft reports (TIGTA) or statements of facts(GAO).
Participate in audit openings, progress updates, and closing conferences and stay involved in the audit process.
Answer auditors’ inquiries and provide documents as requested during the audit, preferably through the functional coordinator and the audit liaison. If direct submission to TIGTA and GAO is required, the functional coordinator and audit liaison should be copied.
Stay in contact with the auditors during the audit to ensure the audit is progressing smoothly, request audit progress updates from TIGTA or GAO audit team and share updates with the functional coordinator and audit liaison.
Reach an agreement with the audit team on early findings, recommendations, and any monetary benefits in discussion draft reports (TIGTA) or statements of facts (GAO), and draft reports.
Provide written comments on discussion draft reports (TIGTA) or statements of facts (GAO) for the audit through the functional coordinator and the audit liaison.
Ensure timely responses to auditors' inquiries and discussion draft reports (TIGTA) or statements of facts (GAO) by promptly providing the information requested and starting to write management responses when the audit team issues the preliminary audit report.
Identify and coordinate cross-functional issues within and outside LB&I during the drafting of management responses to ensure adequate coordination when developing responses to the discussion draft reports (TIGTA) or statements of facts (GAO) and draft audit reports.
Recommend the adoption or rejection of audit recommendations based on strategic LB&I goals and objectives by assessing the merits of the recommendations and potential corrective actions based on their effect on the LB&I division's business goals, priorities, and resources available for implementation.
Develop practical corrective action plans for audit recommendations, including establishing realistic implementation dates.
Prepare management responses to draft reports for executive approval and ensure the audit reports provide accurate information.
Review management responses prepared by their functional area for proper format, sentence structure, and grammar before the functional coordinator submits to the audit liaison.
Provide periodic updates on the progress of open audits to the audit liaison through the functional coordinator.
Bring audit concerns to the attention of the executive owner of the audit, the functional coordinator and the audit liaison.
LB&I Executive
(1) The role of LB&I executives (directors) in the audit process is to:
Become familiar with the open audits assigned to their functional area.
Designate an LB&I program manager within their functional area for each audit to coordinate the audit work within and outside LB&I.
Attend audit pre-opening, opening, mid-point and closing conferences, and stay involved in the audit process as needed.
Ensure the area assumes a proactive approach during the audit process (e.g., brief the auditors early in the audit process on the programs under review, submit timely and substantive responses throughout the process).
Work with the audit team to reach an agreement on early findings or recommendations in discussion draft reports (TIGTA) or statements of facts (GAO).
Help resolve any cross-functional issues.
Review, approve and sign responses to draft audit reports.
Brief the LB&I commissioner and deputy commissioners on their audits, as needed.
Determine which audit recommendations to implement.
(2) The executive owner reaches the final decision on the implementation of recommendations for the audit.
Terms and Definitions
(1) The tables below provide definitions of terms and acronyms.
Term | Definition |
---|---|
180-Day Letter | An updated response to a GAO final report with recommendations. The IRS has 180 days from the final report’s issuance to respond to Congress with specific corrective actions, including implementation dates, to carry out the recommendation(s). |
Agreement to Facts | A document issued by TIGTA after fieldwork is underway but before the issuance of the draft report. This document represents statements about IRS programs or processes that TIGTA believes to be factually accurate based on their fieldwork and research. The IRS can review this document and provide corrections. |
Audit | An examination of government programs, operations, and financial records. The audit is interchangeable or synonymous with a review. |
Audit Liaison | A business unit single point of contact responsible for audit activity within a business unit. |
Cross-functional | An audit involving more than one business unit. |
Discussion Draft Report | Issued by TIGTA at the conclusion of fieldwork. Provides IRS management an opportunity to review the report for accuracy and discuss findings presented in the report, before issuance of a formal draft report. |
Draft Report | A formal report of audit findings and recommendations prepared after completion of an audit. The IRS is given a specified time by GAO and TIGTA to respond to the draft report, typically 30 days. EAM receives this report from GAO or TIGTA and sends an email transmitting the draft report to the business units and provides guidance for developing and routing management's response. |
Engagement Letter/Notification Letter | A letter sent to the IRS from GAO or TIGTA providing notification of a new audit. TIGTA typically uses the term "engagement letter," while GAO uses the term "Notification letter." |
Exit/Closing Conference | Meeting to discuss GAO's or TIGTA's preliminary findings and recommendations with business unit executives. IRS provides TIGTA or GAO with their perspective and position on the audit findings and shares proposed corrective actions. Discussions during the exit/closing conference often form the basis for management's response. |
Final Report | The final report is the final version of the GAO or TIGTA draft report that may or may not contain modifications to the findings and recommendations identified in the draft report. The final report contains the IRS management response to the draft report. Final reports are released to the public unless designated as Sensitive but Unclassified (SBU) or Limited Official Use (LOU). |
Findings | Describes the deficiency or opportunity for improvement in the audit report or remediation plan. |
GAO Status Checkbox | Records an update in JAMES to disclose the status of a recommendation from the perspective of GAO. |
Internal Control | An integral component of an organization’s management that provides reasonable assurance that its program and activities operate according to established policies and procedures. |
Job Code | Job code is the audit engagement number employed by the GAO auditors to keep track of the time spent on the actual audit. |
Joint Audit Management Enterprise System (JAMES) | Treasury’s web-based audit tracking system used for tracking issues, findings, recommendations, and planned corrective actions (PCAs) from TIGTA and GAO audit reports. |
Lead, or Lead Stakeholder | Business unit with primary responsibility for the subject matter of the audit and specific audit process actions/tasks. |
Limited Official Use Reports/Sensitive but Unclassified Reports | A draft or final GAO or TIGTA report limited to internal distribution because of its sensitivity. These reports are not released to the public. GAO Limited Official Use (LOU) reports are limited to specific internal IRS audiences and Congress. |
Mid-Point Conference | Interim meeting to discuss GAO’s or TIGTA’s audit and findings to date. It allows IRS an early look at audit issues, potential findings, and recommendations, and allows the IRS to provide further clarification or documentation related to information shared during audit fieldwork. |
Opening/Entrance Conference | Initial meeting where GAO or TIGTA outlines the scope of their audit, locations to be visited, anticipated date of completion, the names of auditors working on the job, and background information. GAO typically uses the term "entrance conference" while TIGTA uses the term "opening conference." The opening conference sets the stage for the audit, so expectations about recurring meetings and points of contact should be discussed. |
Planned Corrective Action | A detailed description of how management will implement a recommendation to address the audit finding(s). The PCA also includes the due date(s) and the responsible official(s). |
Recommendation | Addresses the audit finding and provides TIGTA’s or GAO’s comments to management that, when implemented, will correct the issue. |
Redaction | To redact language contained within a formal audit report means to "edit text for publication, censor or obscure part of the text for legal or security purposes, or to remove text from a document before publication or release." This step in the review process is essential for the protection of sensitive information that could be used to circumvent the law. |
Stakeholder | An organization or person with responsibility or a vested interest in the subject matter of an audit. |
Statement of Facts | A document issued by GAO and similar to the Agreement to the Facts Report issued by TIGTA. Provides IRS management and stakeholders an opportunity to review audit findings for accuracy and discuss findings presented in the report. The Statement of Facts does not always include recommendations, so IRS staff should ask GAO if it will propose any recommendations. |
Supporting Business Unit | A business unit that shares some responsibility for programs or processes being audited but is not the audit’s lead stakeholder. A supporting business unit may have a small or large share of the work associated with the process under audit or may indirectly support the process itself through separate work. |
Acronyms
(1) The table below provides definitions of acronyms.
Acronym | Definition |
---|---|
ADCCI | Assistant Deputy Commissioner Compliance Integration |
ALL | Audit and Legislative Liaison |
ATF | Agreement to Facts |
BOD | Business Operating Division |
BPR | Business Performance Review |
DCOS | Deputy Commissioner for Operations Support |
DCSE | Deputy Commissioner for Services and Enforcement |
DDR | Discussion Draft Report |
DR | Draft Report |
EAM | Enterprise Audit Management |
ESC FMC | Executive Steering Committee Financial Management Controls |
e-Trak | Electronic Information Tracking |
FMFIA | Federal Managers’ Financial Integrity Act |
GAO | Government Accountability Office |
IDR | Information Document Request |
IG | Inspector General |
JAMES | Joint Audit Management Enterprise System |
LOU | Limited Official Use |
NARA | National Archives and Records Administration |
OIG | Office of the Inspector General, Treasury |
OUO | Official Use Only |
PBS | Program and Business Solutions |
PCA | Planned Corrective Action |
PII | Personally Identifiable Information |
PPCA | Program Planning, Coordination and Analysis |
SBU | Sensitive but Unclassified |
SME | Subject Matter Expert |
SOF | Statement of Facts |
SOP | Standard Operating Procedures |
SPOC | Single Point of Contact |
TIGTA | Treasury Inspector General for Tax Administration |
TPS | Technology and Program Solutions |
Related Resources
(1) LB&I follows general program guidelines for the TIGTA and GAO Audit Program in the Enterprise Audit Management (EAM) per IRM 1.29.1, Audit Coordination Process - Authorities and Responsibilities.
Audit Process for LB&I Primary Open Audits
(1) The following are the steps in the audit process from audit planning and preliminary research activities to the tracking and implementation of corrective actions addressing audit recommendations.
Audit Planning and Research Activities
(1) Activities such as research projects, information gathering for congressional requests, and annual audit planning do not require a formal engagement letter from the audit team. However, auditors must report the scope of the preliminary audit work or research projects, offices and personnel involved, and estimated time frame to EAM by email. The audit liaison alerts pertinent managers about the planned research projects and coordinates requests for information.
(2) Managers should refer the TIGTA auditor to the audit liaison when auditors contact them directly for taxpayer information, tax return information or other sensitive information during audit research activities. The audit liaison will verify whether:
The inquiry is related to a research project, an on-going audit, or a new audit.
Auditors have assigned an audit/job code number.
Auditors have notified EAM.
(3) The RRA 98 gave TIGTA authority to access taxpayer information needed to conduct their reviews. If auditors show proper credentials (e.g., identification badge), they have access to such information.
(4) If GAO analysts request information and EAM has not yet received a formal study notification, managers should immediately notify the Business Operating Division (BOD) functional coordinator, with a copy to the audit liaison, Also, contractors accompanying GAO analysts to an audit site should not have access to tax return information. Additional information on disclosure of taxpayer information to GAO and TIGTA is in IRM 11.51.1.2.2.2 and IRM 11.51.1.2.2.3.
Engagement Letter/Study Notification
(1) To inform the IRS of their plans to begin new audit work, TIGTA and GAO issue a formal engagement letter and study notification, respectively. The suggested lead stakeholders for the new audits is designated by EAM. EAM sends the audit engagement letter from TIGTA or the study notification from GAO, with cover memoranda, to all BODs by email. The email is typically sent to the LB&I ALL manager. Once TIGTA notifies LB&I about a new lead audit, the audit liaison should contact the required points of contact and begin planning for the opening meeting.
(2) The TIGTA engagement letter consists of:
Audit objectives
Audit site visitations
Estimated completion dates for the draft and final reports (TIGTA reviews)
Request for contacts and documents needed
Names of auditors and other higher-level contacts
(3) The GAO study notification letter does not provide estimated completion dates for discussion draft or draft reports. However, the timetables are usually discussed at the opening or entrance conferences.
(4) At the receipt of the engagement letter or study notification the LB&I audit liaison should:
Designate a lead stakeholder function within LB&I, based on what function owns the program under review, to work with the audit team and coordinate the audit with functions within and outside LB&I, as necessary.
Prepare a transmittal and forward the transmittal by email to the appropriate lead and non-lead offices' functional coordinator for dissemination as deemed appropriate.
Include the engagement letter or study notification and the cover memorandum for information.
Copy PBS director, TPS director, PPCA executive, ALL team manager, and other LB&I liaisons in the email, noting in the email that it is for information only for those copied.
Determine if a pre-opening internal call with all stakeholders is needed, and if so, schedule the call prior to the opening conference.
Create an electronic file for the audit.
Opening Conference
(1) This meeting provides internal stakeholders with information on prior related audits and planned corrective actions, as applicable, and determines required participants and responsible parties.
(2) Once EAM has designated LB&I as the lead stakeholder for a new audit, LB&I holds the opening conference (usually a one-hour meeting) within one or two weeks after receipt of the engagement letter or study notification. TIGTA auditors may begin fieldwork before the opening conference takes place. Opening conference participants usually include appropriate LB&I executive-level officials, program managers and their pertinent staffs, staff from affected functions outside LB&I, EAM, and TIGTA or GAO officials, depending on the audit type.
(3) At the opening conference, auditors discuss the audit objectives, offices they plan to contact and communication expectations.
(4) The audit liaison should:
Determine the availability of critical internal and external stakeholders.
Schedule the virtual opening conference with TIGTA or GAO and coordinate the meeting with affected functions within and outside LB&I, as needed.
Solicit names, as listed in the Address Directory in Outlook, of important participants from all impacted BOD stakeholders.
Attach the engagement letter/study notification along with any other relevant correspondence (e.g., initial IDR) to the meeting invitation.
Send an invitation to the stakeholders, functional coordinators and essential participants. Invite them to forward as deemed appropriate.
Facilitate the opening conference.
(5) The designated LB&I functional coordinator for the new audit, or designated representative from their staff, is responsible for taking notes during the opening meeting and sharing them with the audit liaison and other meeting participants, as needed within three (3) business days.
Disclosure of Taxpayer Information to TIGTA
(1) Treasury Order 115-01 establishes the functions of TIGTA. Section 5d states, "In carrying out their official duties, TIGTA personnel shall have the full cooperation of employees of the Department of the Treasury and shall have full and prompt access to all facilities of the IRS and related entities, including computer facilities and computer rooms, electronic databases and files, electronic and paper records, reports and documents, and other material available to the IRS and related entities, which relate to their programs and operations; and, when access is necessary to execute a function of TIGTA about a matter within the jurisdiction of TIGTA, all similar facilities throughout the Department."
(2) For TIGTA audits or investigations, two statutes allow disclosure of tax and related tax return information:
Title 26 of the U.S. Code (Internal Revenue Code) section 6103 – if the data requested is tax information (in case of an audit of the IRS)
Title 5 of the U.S. Code section 552a (The Privacy Act of 1974) – if the data requested are personnel records or other records retrieved by an identifier such as Standard Employee Identification (SEID) or Social Security Number (SSN).
(3) Both statutes have provisions allowing disclosure to TIGTA under certain conditions. IRC 6103(h)(1) allows the IRS to disclose information to Treasury employees with a "need to know" for tax administration purposes. The authority for releasing information covered by the Privacy Act is 5 USC 552a (b)(1). It is also governed by the "need to know" conditions to perform the auditor’s duties. The legislative history of RRA 98 states, "The Treasury Inspector General (IG) for Tax Administration has the same access to taxpayer returns and return information as does the Chief Inspector under present law."
(4) TIGTA may contact IRS managers or employees to gather information in connection with an open audit or research work before an audit. LB&I employees should consult with their managers who, in turn, should contact their area’s functional coordinator. The functional coordinator should contact the audit liaison for additional information on the inquiry.
(5) Any documents shared with TIGTA/GAO that have personally identifiable information (PII) or workload selection information (such as offical-use-only, or OUO), should be clearly identified on the document as such. The document containing PII or workload selection information should include a notification to TIGTA not to publicly publish the document.
Disclosure of Taxpayer Information to the GAO
(1) Shortly after EAM receives the GAO study notification letter, it prepares a transmittal or cover memorandum addressed to the official(s) designated as lead stakeholder(s) for the new audit (e.g., division commissioner). The memorandum transmitting the GAO study notification is known as the "disclosure memorandum" because it authorizes managers to allow access to tax return and information return documents to the GAO team in connection with the new review. The memorandum is forwarded with the GAO study notification to managers involved in the review, provides instructions to managers on how to handle GAO requests for taxpayer information and account for disclosure of such information based on IRM 11.3.23, Disclosure to the GAO.
(2) EAM issues a disclosure memorandum for each GAO study notification, which authorizes access to taxpayer records to GAO based on authority granted by IRC 6103(f)(4).
(3) The opening conference with GAO to discuss the new study should not take place until the designated lead stakeholder receives the disclosure memorandum from EAM.
(4) Managers should not provide taxpayer or return information to the GAO before EAM issues the disclosure memorandum.
(5) The designated lead executive(s) and pertinent program manager(s) should become familiar with the disclosure memorandum and discuss with the audit team at the opening meeting what IRS records and taxpayer information GAO needs.
(6) EAM notifies the appropriate functions by email about any changes in the original GAO audit plan such as access to taxpayer information, changes in audit objectives, expansion of audit sites, or closing an audit before issuing a draft report.
(7) The disclosure memorandum, addressed to the lead stakeholder(s) for the audit, provides specific disclosure instructions. It applies to managers within the IRS providing taxpayer information to GAO analysts or representatives. Employees should consult with their managers before releasing any information to GAO in connection with an ongoing review.
(8) IRM 11.3.23, Disclosure to the Government Accountability Office discusses GAO access to any tax or nontax information, with the exception of the identity of an informant or any information which will tend to reveal the identity of an informant, grand jury information, and certain information obtained under tax treaty that falls within the scope of a review. If information exists that would identify a confidential informant, either directly or indirectly, you should partner with EAM to coordinate with the appropriate business unit for authority to withhold the information. Similarly, if it appears that disclosure of tax information to the GAO would seriously impair a civil or criminal tax investigation, please coordinate with EAM to seek authorization to withhold such information.
(9) For additional information see IRM 1.29.1, Authorities and Responsibilities.
GAO Personnel Designated to Have Access to Taxpayer Information
(1) Managers can disclose taxpayer information only to those GAO representatives whose names appear on the current list of GAO personnel designated to review IRS programs under IRC 6103(f)(4).
(2) GAO analysts or representatives should contact the appropriate manager (e.g., the designated primary contact within the lead stakeholder area or the audit liaison) to arrange for their visits to collect taxpayer information.
(3) If the name of the GAO representative requesting information is not in the list, managers should contact the audit liaison to request an updated list or addendum from the GAO.
Accounting for Disclosure of Tax Return or Return Information to the GAO
(1) The lead executive owner for the GAO review and/or the designated program manager in LB&I is responsible for reviewing and approving responses to requests for information from the GAO involving tax returns or information returns, accounting for the disclosures of taxpayer information, and coordinating with the GAO to deliver the information requested by express mail.
(2) Subsection I of the Privacy Act and IRC 6103(p)(3)(A) govern accounting for the disclosure of tax returns and return information. Generally, managers may use Form 5466-B, Multiple Record of Disclosure, to account for tax disclosures, although in situations where managers are disclosing a large volume of records at one time (mass disclosures), they may use a narrative accounting (letter) instead. To account for the disclosure, the responsible manager(s) should use Form 5466-B or a narrative record (letter) providing specific information as described in the IRM. See IRM 11.3.37 for IRS procedures to create a record of the disclosure (an "accounting"). Managers should send copies of Form 5466-B to the appropriate campus (see IRM 11.3.37.3.1 ) or email *PGLD Disclosure Accounting mailbox for bulk/ narrative accounting, prior to the end of the calendar year, and to the audit liaison for record-keeping via encrypted email.
(3) Managers should send copies of Form 5466-B or narrative (letter) to the appropriate Disclosure Office and the audit liaison for record-keeping via encrypted email.
(4) Refer to Document 12990, IRS Records Control Schedule (RCS), Schedule 8, Item 44-A and Schedule 29, Item 46, Form 5644-B Multiple Records of Disclosure, to ensure records, in hard copy and electronic format, are appropriately managed, retained and archived in accordance with the National Archives and Records Administration (NARA) approved records retention and disposition authority.
(5) The Privacy Act of 1974 (5 USC 552a) and IRC 6103 (26 USC 6103) require the IRS to maintain an accurate accounting of the disclosure of records when the IRS discloses the information without the individual’s prior notification or consent. Subsection (b) of the Privacy Act requires an accounting for the disclosure of non-tax information about individuals (i.e., personnel records, travel vouchers, etc.). Form 5482, Record of Disclosure, is used to account for disclosure of the non-tax records. Refer to Document 12990, Schedule 8, Item 44-B, Form 5482 Record of Disclosure (Privacy Act of 1974), for the NARA-approved records retention and disposition authority.
(6) The narrative record of accounting letter should include:
Date of disclosure
Name of agency receiving the information
Purpose of the disclosure (i.e., disclosure authority under IRC 6103(f)(4)(A))
The category (IMF or BMF) and number of taxpayers involved in the disclosure
Description of the document(s) disclosed
ADP source code (128 for Business Master File taxpayers)
Location of the IRS office retaining a copy of the documents disclosed
Type of documents disclosed (1 for tape extracts and 2 for all other disclosures)
(7) Managers can refer questions on accounting for disclosure to the LB&I’s disclosure technical advisor. If the disclosure technical advisor is not available, managers can contact the disclosure officer serving their functional area or state.
Fieldwork
(1) The audit liaison tracks the progress of research projects, audits, and requests for information and meetings from the auditors. After the opening conference, the auditors can directly contact the designated primary contact (e.g., program manager) in the lead stakeholder function within LB&I for subsequent requests for information and meetings. Auditors issue email to request information or management action, obtain agreement to the facts or clarify issues. The auditors should send their inquiries to the designated contact by email, with a copy to the functional coordinator and audit liaison.
(2) The lead stakeholder or executive owner for the audit in LB&I is the primary contact for the audit once fieldwork starts. This responsibility is customarily delegated to the functional coordinator.
(3) The audit liaison and designated functional coordinator should initiate an IDR log at the inception of the audit. The IDR log should be discussed at the opening conference. The functional coordinator will maintain the IDR log. The log shall contain all requests, including employee interviews and meetings with the auditors.
Discussion Draft Report (TIGTA) or Statement of Facts (GAO)
(1) After the TIGTA or GAO audit team completes the audit’s research work, it prepares a discussion draft report (TIGTA) or statement of facts (GAO).
(2) The audit team sends the document to EAM, who, in turn, forwards to the appropriate IRS officials by email.
(3) The purpose of the discussion draft report (TIGTA) or statement of facts (GAO) is to allow managers to review findings and share concerns before the team issues the draft or final report.
(4) GAO's statement of facts does not include audit recommendations. However, GAO shares information on planned recommendations during the closing meetings.
(5) TIGTA's discussion draft report includes proposed recommendations. However, TIGTA can revise the recommendations based on closing meeting discussions.
Closing Conference
(1) A closing or exit conference takes place at the end of an audit, following receipt of the discussion draft report (TIGTA) or the statement of facts (GAO). The closing meeting takes place at the request of the TIGTA audit team or the LB&I managers responsible for the audit. The purpose of the meeting is to discuss managers’ comments or reactions to the discussion draft or statement of facts before the draft report is issued. The executive lead stakeholder, or a representative, should participate at the closing conference. If possible, the LB&I manager should seek concurrence from the audit team on proposed revisions to the discussion draft report or statement of facts and request a revised audit report before the audit team issues the draft report.
(2) The audit liaison should:
Email the statement of facts, discussion draft report, or draft report to appropriate functional coordinator and cross-BOD audit liaisons (if appropriate) for distribution to their pertinent director, executive assistant and program manager.
Request stakeholder review and provide written comments on the audit report by a specific due date before the internal closing conference.
Schedule the internal closing conference call and coordinate the meeting with appropriate stakeholders within and outside LB&I.
Coordinate the closing meeting with the TIGTA or GAO audit team, appropriate LB&I stakeholders, and cross-BOD stakeholders (outside LB&I) to schedule the external closing conference call.
Ensure appropriate executives attend the closing conference to provide an opportunity to address their concerns with the audit findings and recommendations.
Include EAM and Legislative Affairs in the invitations to all milestone conferences.
Facilitate the closing conference.
(3) The executive owner(s) of the audit and pertinent program manager(s) responsible for the audit should thoroughly review the discussion draft report or statement of facts to ensure the report reflects:
Adequate understanding of the program audited.
Accurate, relevant, and current facts.
Perspective on the extent and significance of negative findings reported.
Sufficient evidence to support the findings and recommendations.
Balanced tone, especially on titles and headings.
Connection between audit objectives, audit findings, and conclusions.
Conclusions and recommendations based on the facts presented.
(4) Although the IRS does not need to issue a formal response to the discussion draft report or statement of facts, this is the time to raise concerns and consider the feasibility of adopting the audit recommendations, if the report has recommendations.
(5) Managers should take advantage of this opportunity to discuss any concerns or inaccuracies with the audit report. When concerns or inaccuracies exist in a discussion draft report or statement of facts, the lead stakeholder function should coordinate with pertinent managers within and outside LB&I, as needed, to prepare comments.
(6) All stakeholders should provide written comments, or a negative response, to the LB&I functional coordinator with a copy to the audit liaison before the internal closing conference.
(7) The functional coordinator will consolidate all comments and forward them to the audit liaison. The audit liaison will share the consolidated comments with all stakeholders via an update to the invitation to drive the internal closing conference discussion.
(8) The functional coordinator will update the consolidated comments to reflect changes /updates from the internal meeting and forward the revised comments to the audit liaison. The audit liaison will provide the final consolidated comments to the stakeholders and the audit team by updating the external closing invitation.
(9) The comments should be delivered to the audit team no later than 48 hours before the closing conference to allow enough time to receive TIGTA’s responses in writing. By providing written comments, managers ensure they address all their concerns with the report, provide the auditors specific language for revisions, and clarify any misunderstandings during the meeting. Written comments reduce the time spent taking meeting notes and help focus the closing meeting discussions on the most critical issues. However, TIGTA and GAO do not have to provide a written response to the IRS’s comments.
Draft Audit Report
(1) The TIGTA and GAO Audit Team sends a copy of the draft audit report to EAM. EAM creates an e-Trak correspondence control for tracking and forwards the draft report with transmittal to the appropriate IRS officials by email. The e-Trak correspondence control system is a web-based Servicewide document tracking application used by EAM to track the movement of the management response package.
(2) The audit liaison should:
Prepare a management response package including transmittal with instructions and timetable, management response template, notes to reviewer, and action routing sheets for each stakeholder, PBS, and LB&I executives.
Forward the draft report and transmittal with instructions to the appropriate LB&I functional coordinator and audit liaisons outside of LB&I, if cross-functional coordination is necessary. The functional coordinator and audit liaisons will forward the draft report as appropriate in their organization.
Instruct the program manager from the lead stakeholder function within LB&I to coordinate the management response with functions within and outside LB&I, as necessary.
Management Response to the Draft Report
(1) The lead stakeholder practice area is responsible for drafting the management response. TPS is responsible for coordinating the review and approval of the signature package.
(2) Management responses to TIGTA draft reports are usually due in 30 calendar days.
(3) In cases where it is the lead stakeholder, LB&I is responsible for coordinating review within LB&I and with the Deputy Commissioner of Services and Enforcement (DCSE). LB&I audit liaison also submits the management response directly to TIGTA.
(4) Operating division commissioners are responsible for signing management responses to TIGTA draft audit reports.
(5) When the TIGTA audit affects more than one division or has the potential to have a significant impact on the IRS, signatures of all impacted BODs must be obtained.
(6) The lead executive assigned responsibility for preparing the management response to the draft report will obtain the signatures of the other impacted BODs using a Form 14074, Action Routing Sheet.
(7) The LB&I managers responsible for drafting the response to the draft audit report should:
Coordinate with functional areas within and outside LB&I, as needed, when drafting the management response.
Consolidate and review comments gathered for the management response.
Draft the response using the response template prepared and provided by the audit liaison and follow the writing guidelines provided.
Forward the draft response to the audit liaison by the due date provided in the response timetable.
(8) A draft management response should include the following:
A positive tone.
Introductory paragraph acknowledging the report. (A "thank you" statement is not necessary as an introduction.)
Agency message or LB&I "story" (one or two paragraphs) addressing the issue(s) covered in the report and presenting a positive picture of what LB&I has generally done to address the significant issues(s).
An attachment outlining the corrective action plan for each recommendation identifying responsible officials and the estimated implementation date for each action.
A statement of agreement or disagreement is not necessary in the response.
Include a statement indicating agreement or disagreement for all monetary benefits reported, if any, in the body of the memo.
(9) Corrective actions consist of specific actions planned to address audit recommendations, including estimated dates for implementation. When preparing responses, managers should examine the findings and recommendations in the draft report to ensure they have addressed the audit issues in their responses. Managers must determine whether to adopt or reject the recommendations. They should consider the following factors before committing to corrective actions:
Legislative mandate – Must LB&I implement the recommendations based on compliance with an existing law, rule, or regulation? If so, managers should adopt the recommendations.
Duplication – Is LB&I already doing what the audit team recommends? If so, a new corrective action is not needed. Managers should provide information on what has been done or is in the process of being done to address the recommendations and the source of duplication (e.g., Federal Managers' Financial Integrity Act (FMFIA) Action Plan).
Modernization plans – Are recommendations part of a current modernization effort? If so, managers do not have to provide new corrective actions. Instead, managers should provide information on the specific modernization plans addressing the recommendations.
Cost/benefit factors – Are the resources available to implement the recommendations? Do they make good business sense? If not, managers should let auditors know why the recommendations are not cost effective or why they do not make good business sense.
(10) Managers should assign realistic time frames for implementing planned corrective actions and allocate the necessary resources to meet the time frames. Assigning an implementation date to a planned corrective action without considering the resources needed to implement it will result in possibly having to extend of the due date or cancellation of corrective actions, which reflects poor planning. Generally, LB&I avoids completion dates in September, December, and January due to fiscal year-end responsibilities and use-or-lose annual leave.
(11) The audit liaison reviews the draft response to ensure that managers:
Vetted the draft response with the executive owner for the audit (e.g., director) and other managers involved in the development of the response within and outside of LB&I before submitting the draft response to the audit liaison.
Used the proper response format or template the audit liaison provided.
Addressed findings and recommendations in the draft report.
Provided an estimated implementation date or completed date for each corrective action (for TIGTA draft reports).
Listed a responsible official for each corrective action (for TIGTA draft reports).
Followed the recommended writing guidelines.
Addressed the outcome measures in the draft report (TIGTA), if any.
(12) The audit liaison should:
Ask managers to provide any missing information and edit the draft response.
Request an extension of the response due date from the TIGTA or GAO audit team, if needed.
Follow service guidelines for the proper review by PBS and LB&I officials.
Forward the signature package, including the final draft response electronically to the ALL team manager for routing to PBS, LB&I commissioner, and DCSE Offices.
(13) The TIGTA signature package will be routed as follows:
LB&I lead stakeholder to audit liaison (PBS)
Audit liaison to PBS senior management and EAM
PBS to LB&I commissioner
LB&I commissioner to DCSE
DCSE back to LB&I commissioner
LB&I commissioner to audit liaison
Audit liaison to TIGTA by 5:00 p.m. (EST) on the requested response date
(14) The response to GAO draft report is general in nature. GAO sets the response date for each audit (typically, the response time is 30 days, but it may be less). LB&I is responsible for coordinating review with LB&I stakeholders. EAM is responsible for coordinating review with the DCSE and submitting the response to the GAO.
Distribution of the Management Response
(1) For TIGTA audits, the audit liaison should:
Forward a clear scanned copy of the signed response to the TIGTA mailbox by email.
Send a copy of the signed response to the TIGTA audit manager and the TIGTA senior auditor for the audit.
Share a copy of the signed response with EAM, pertinent managers and audit liaisons within and outside LB&I, as needed.
Final Report
(1) The final report is typically sent to the IRS between two and four weeks after the management response is submitted.
(2) Under the IG Empowerment Act of 2016, TIGTA is required to publicly release a final report three (3) calendar days after a final report is issued to the IRS. As a result, there is not much time to correct any misunderstandings, discuss redactions or defuse any TIGTA Office of Audit reactive comments before a press release. This should be the focus (especially disclosure/redaction issues) during the ATF/DDR phases. IRS does not respond to the TIGTA final report.
(3) In GAO audits, Legislative Affairs creates an e-Trak number and sends the final report, with cover memoranda, to the audit program manager and liaison in the appropriate function by email. Legislative Affairs controls final GAO reports with recommendations to the lead stakeholders through e-Trak.
(4) The audit liaison should:
Forward copies of the final TIGTA report to the appropriate offices through the audit liaisons within and outside LB&I, as needed.
For GAO audits, provide instructions by email to pertinent managers to prepare the 180-Day Letter (for GAO reports with recommendations; explained in the next section).
(5) Once TIGTA or the GAO issues the final report, the lead stakeholder for the audit or their designated program manager should continue to coordinate the implementation of the planned corrective actions with the appropriate managers within and outside LB&I, as necessary.
180-Day or Congressional Letter
(1) The final report procedures for the GAO audits differ slightly from the TIGTA procedures because the statute requires that IRS respond to the Congress within 180 calendar days of the issuance of a GAO final report with recommendations (180-Day Letter). Legislative Affairs creates e-Trak controls to track the progress of the 180-Day Letter required for the GAO final reports.
(2) The 180-Day Letter format must comply with IRM 1.10.1, IRS Correspondence Manual. and should include information on actions taken or planned to address the audit recommendations. The management response and drafting process for the GAO final report (explained under IRM 11.51.1.2.5.1, Management Response to Draft Report) are very similar to the required response to the GAO draft report. However, the 180-Day Letter will provide specific corrective actions, due dates, responsible officials and action monitoring plans to address each audit recommendation.
(3) The audit liaison should:
Develop and forward a management response template and response timetable to pertinent LB&I functional coordinator and audit liaisons in other business units to facilitate the drafting of the 180-Day Letter.
Ensure that the e-Trak correspondence control system is updated to show the progress of the 180-day congressional response delivered to reviewers and finally signed.
Review the 180-Day Letter and coordinate any necessary changes with the pertinent program manager(s) and/or functions involved.
Share a preliminary copy with EAM and Legislative Affairs.
Prepare the signature package and forward the 180-Day Letter (the same letter is addressed to the House of Representatives and the Senate committees) for review and approval to ALL, TPS, PBS management and the LB&I commissioner.
Submit the 180-Day Letter package to Legislative Affairs for review at least five days before the management response is due.
(4) Legislative Affairs submits the package to the DCSE. Legislative Affairs retrieves the signature package and delivers the letter to the various congressional committees. The audit liaison gets a copy of the signed 180-Day Letter and the signature package from Legislative Affairs and shares with pertinent managers, and audit liaisons within and outside LB&I by email, as needed.
Audit Process for LB&I Non-Lead Audits
(1) Audits for which LB&I is not the lead stakeholder are considered an LB&I non-lead audit. The audit procedures are the same as for lead LB&I audits, except that LB&I is not responsible for scheduling opening, closing, or progress update conferences or for preparing final management responses to draft reports and the 180-Day Letter (GAO reports).
(2) The audit liaison handles all engagement letters, audit reports, and audit inquiries on non-primary audits the same as primary audits.
(3) EAM forwards copies of all engagement letters to the audit liaisons for review.
(4) The audit liaison reviews each engagement letter to determine if LB&I will be involved in the planned audit, and forwards copies to the appropriate offices within LB&I for possible participation in the opening conference or responses to inquiries from the auditors during the audit.
(5) LB&I Division provides general report comments or specific comments on the recommendations pertaining to LB&I to the audit liaison in lead function. The comments should be appropriately vetted and signed off by the executive owner for the audit.
(6) The audit liaison provides consolidated LB&I comments to the lead stakeholder function by email . This procedure also applies to minor comments (e.g., editorial changes) or negative replies.
(7) Once the management response to the draft report has been drafted, the audit liaison for the leading function provides a copy of the final draft response to the LB&I audit liaison for review and approval by the appropriate LB&I executive owner(s).
TIGTA/GAO Internal Control Program Background
(1) The Department of Treasury tracks the status of its bureaus' planned corrective actions addressing audit recommendations from TIGTA and GAO audit reports through the Joint Audit Management Enterprise System (JAMES). JAMES tracks the progress the bureaus are making in implementing TIGTA and GAO audit recommendations based on Treasury Directive 40-03, which establishes the policies and procedures and assigns responsibilities for implementing and monitoring audit follow-up within the Department.
(2) The Chief Risk Officer, specifically EAM, is responsible for evaluating the effectiveness of IRS actions taken in response to audit recommendations from TIGTA and GAO. This office is primarily responsible for:
Maintaining and updating the JAMES tracking database.
Informing Treasury and the Executive Steering Committee for Financial and Management Controls (ESC FMC) about the status of the audit inventory through periodic reports.
Ensuring the quality and timeliness of implementing IRS’s audit planned corrective actions.
Role of the JAMES Audit Coordinator in the Audit Process
(1) The LB&I JAMES coordinator (JAC) acts as the primary point of contact liaison between the Chief Risk Officer- Enterprise Audit Management and LB&I for tracking and reporting on TIGTA and GAO audit corrective actions. The LB&I JAC is responsible for monitoring the implementation of the planned corrective actions in response to TIGTA and GAO audit recommendations. The JAC’s internal process in LB&I includes:
Forwarding JAMES verification memoranda and any other EAM memoranda to the appropriate LB&I functional coordinators to request verification of the information uploaded to the JAMES database.
Requesting status updates from functional coordinators on the open TIGTA and GAO corrective actions.
Briefing functional coordinators on problems or issues dealing with updates to TIGTA and GAO corrective actions.
Preparing and submitting a weekly report on the status of open TIGTA and GAO corrective actions to the ALL team manager.
Assisting functional coordinators with gathering and preparing documentation required in support of closing TIGTA or GAO planned corrective actions forwarding them to EAM.
Assisting functional coordinators in preparing documentation to extend the projected implementation date of a TIGTA or GAO planned corrective action not implemented as planned and forwarding it to EAM.
Assisting functional coordinators with the preparation of corrective-action transfer memoranda to other IRS operating divisions and forward them to the appropriate offices.
Providing information when periodically requested on the status of open and closed planned corrective actions..
Maintaining records on JAMES audit verification memoranda, management updates to corrective actions, and related documents for each of the audit reports and corrective actions (e.g., maintains a corrective actions inventory database).
Acting as liaison between LB&I functional coordinators and EAM to resolve any problems encountered during the implementation of planned corrective actions.
GAO/TIGTA Audit Recommendation and Corrective Actions Follow-Up Process
(1) The following sections explain the tracking of the implementation of corrective actions addressing audit recommendations to ensure that LB&I implements planned actions timely and as stated in the management responses to audit reports.
Audit Verification Using the Joint Audit Management Enterprise System (JAMES)
(1) Once TIGTA or GAO issues a final report, EAM prepares the JAMES A6 abstract and the Audit Verification transmittal memorandum. The abstract contains a summary of findings, recommendations, and planned management corrective actions, including the amount of any potential monetary benefits. For GAO final reports, initial abstracts prepared after receipt of the final reports show only findings and recommendations.
(2) Unlike responses to TIGTA draft audit reports, the management responses to GAO draft reports do not include specific corrective actions, due dates, and responsible officials.
(3) EAM forwards the JAMES audit verification memorandum transmitting the final report abstract to the LB&I JAC requesting verification that the information shown in the abstract is correct.
(4) If not already provided, identify the specific corrective actions and original due dates for each audit recommendation (for GAO report abstract). EAM assigns three-digit numbers (e.g., 1-2-3) to corrective actions when developing the final report abstract in the JAMES tracking system. The first digit represents the finding, the second the recommendation, and the third the corrective action number under the recommendation.
(5) The LB&I JAC forwards the verification memorandum to the appropriate LB&I functional coordinator to identify discrepancies. In case of discrepancies in the JAMES abstracts, the functional coordinator notifies the LB&I JAC, who notifies EAM of the discrepancies. If no changes are necessary, the LB&I JAC confirms by email to EAM that the abstract is correct.
(6) EAM provides the due date for LB&I's responses to requests for verification.
Corrective Action Status Updates
(1) LB&I directors are responsible for implementing the corrective actions they agreed to in the management responses to draft audit reports. The LB&I JAC is responsible for monitoring the status of all open LB&I corrective actions. The LB&I JAMES system sends due date reminders to the JAC 10, 30, and 60 days before the PCA due date. Managers must provide written updates to management corrective actions and give specific information about actions taken, including completion dates. If an action has been completed, other documentation showing that the recommendation was implemented should be provided and attached to the Form 13872, Planned Corrective Action (PCA) Status Update for TIGTA/GAO/MW/SD/TAS/REM Reports. GAO or TIGTA does not consider a recommendation closed simply because the JAMES report shows the IRS closed it. The auditors may request documentation as evidence that the corrective actions have been implemented.
(2) Requests for extensions of due dates should provide specific reasons for delays in implementing actions. When preparing status updates, managers should look closely at the JAMES abstracts or the final report to ensure their status updates address the recommendations and planned corrective actions in the abstracts. Managers should address any identified monetary benefits in the status update, whether realized or not.
(3) For revisions of due dates, managers should set revised dates to the anticipated completion of the action to allow five business days to provide a response to the AC and entry into JAMES. The appropriate director, as well as the program manager, must sign the Form 13872, Planned Corrective Action Status Update for TIGTA/GAO/MW/SD/TAS/REM Reports.
(4) EAM will inform the LB&I JAC of any pending actions because the status narratives were not satisfactory to either change, close, or delay the actions. Actions involving a request for Information Technology (IT) services or revisions to the IRM require full implementation of programming changes and actual IRM revisions, respectively, to close them in the JAMES tracking system.
Change/Cancellation of Corrective Actions
(1) To request approval (signature) to change planned audit corrective actions or to close audit corrective actions that managers could not implement as planned (e.g., programming changes could not be implemented because the IT request was not approved or because a planned project was canceled), managers must prepare and send concurrence memoranda to EAM for review before submitting them to TIGTA.
(2) The business units are responsible for preparing concurrence memoranda for their director’s signature and for forwarding them, through the LB&I JAC to EAM for TIGTA and GAO corrective actions. The LB&I JAC is also responsible for following up on these memoranda. The coordinator forwards copies of the memoranda that TIGTA signs to EAM with the cover memorandum.
(3) Managers should request a due date extension for planned corrective actions pending responses from TIGTA or GAO.
(4) Managers should request a due date extension for planned corrective actions pending responses to memoranda requesting approval to close or change a planned corrective action.
Transfer of Corrective Actions
(1) Transfers of corrective actions to another business unit require concurrence memoranda, with attached abstracts of the corrective actions involved, signed by the directors responsible for the audit recommendations and corrective actions, asking for concurrence signature from the appropriate directors in the receiving business unit. The LB&I JAC forwards copies of the signed memoranda to EAM and the pertinent JAMES coordinators in the receiving business unit.