4.17.3  Requirements

4.17.3.1  (02-25-2010)
Overview

  1. This section describes the requirements for:

    • Approval of CIPs,

    • Research of existing data or similar projects,

    • Control, use and disposition of external data,

    • Operational and Disclosure reviews, and

    • Privacy, security and disclosure.

4.17.3.2  (02-25-2010)
Approval

  1. The appropriate Manager/Director must approve all CIPs and extensions. See IRM 4.17.4, Procedures, for Complete Approval Process Procedures.

  2. CIPs must be approved before compliance contacts are made, that is, before taxpayers are contacted by any means as part of a compliance initiative including, but not limited to, taxpayer education, research, examination, or collection activity.

4.17.3.3  (02-25-2010)
Research of Existing Data, Similar Projects

  1. Valuable information may be obtained from existing data or similar projects. Research should be conducted to determine whether such data or projects exist. If so, document the Background and Objectives section of the authorization request. Some sources of information on other projects include:

    • IRS Websites;

    • Counterparts in other areas, functions, or units;

    • Fed/State partners;

    • National Headquarters Office of Research, Electronic Library; and

    • Internal databases.

  2. Preliminary research, that is non-taxpayer specific research, to determine whether there is potential compliance risk does not require an authorized CIP.

  3. If a similar project is identified, the CIP coordinator should consider its methodology, and results, if available, to determine how or if appropriate to proceed with the proposed project.

4.17.3.4  (02-25-2010)
Control, Use, and Disposition of External Data

  1. It is essential that the Service know what taxpayer data it has, who has it, who is authorized to use it, how it is being used, and how it is being safeguarded. To ensure these controls exist, all external taxpayer specific data not related to cases being worked by an examination or collection function as part of routine business operation will be controlled by the project coordinator. For further information on retention of taxpayer data or information, refer to IRM 1.15.23, Records Control Schedule for Tax Administration.

  2. Data can only be used for approved purposes. If new uses are developed for data already acquired, a separate authorization must be obtained prior to beginning the new use. Approval, if appropriate, must also be obtained from the data source.

4.17.3.5  (02-25-2010)
Annual Reviews

  1. The SB/SE PSP Territory Manager, Exam Return Selection Program Manager, and LMSB Planning, Quality, Analysis & Support (PQAS) function for LMSB will conduct an annual CIP operational review. Other compliance employees may be asked to assist.The objectives of the review are to evaluate:

    • Proper authorization and adherence to CIP procedures;

    • Compliance with Service policy and guidelines;

    • Accomplishment of results appropriate to the resources expended;

    • Adherence to privacy, security, and disclosure requirements;

    • Merits of continuing the CIP;

    • Timely submission of termination reports;

    • Proper authorization for modifications to a project’s scope or estimated completion date; and

    • Use of alternative treatments, and their results.

    Reminder:

    The Examination Return Selection Program Manager's review must ensure that the National CIP Database is current, accurate, and the content are appropriate for effective monitoring of expiration and termination dates of CIPs.

  2. Any issues identified or actions taken as a result of the review should be discussed with the PSP Support Territory Manager (or equivalent) and a copy of the results of the review should be shared with the appropriate Headquarter Director responsible for workload selection and delivery.

4.17.3.6  (02-25-2010)
Quality Review by Disclosure Officer

  1. The disclosure officer may, as part of the normal quality review of functions, evaluate the controls on third party return information used for CIPs and provide a written report to the PSP Territory Manager/ Exam Return Selection Program Manager and to the LMSB Operations, Planning & Support Manager.

  2. Disclosure officers will, at a minimum, address the following questions during quality reviews:

    1. Was third party return information obtained?

    2. Was required headquarters approval obtained through the submission of a CIP authorization request as contained in this document?

    3. Is the information being appropriately safeguarded?

    4. Has the function complied with the terms of the approved CIP request concerning the intended use of the information and its timely final disposition?

4.17.3.7  (02-25-2010)
Privacy and Disclosure

  1. The Privacy Act of 1974 provides the legal basis for limiting the actions of federal agencies in order to protect the privacy of individuals. IRC section 6103 provides for the protection as well as release of returns or return information.

  2. Only the minimum data required to accomplish a task should be acquired. The data must be appropriate, relevant, and necessary for the project. It must be protected against unauthorized disclosure and disposed of appropriately after it is has been used for its intended purpose. IRM 11.3, Disclosure of Official Information, contains additional information.

4.17.3.8  (02-25-2010)
Security

  1. Physical controls required by IRM 1.16, Physical Security Program, must be used to protect taxpayer information. Additional information may be found in IRM 30.9, File Management.

  2. All computer systems containing taxpayer information must adhere to the Computer Security Act of 1987 and to the requirements of IRM 10.8, Information Technology Security.


More Internal Revenue Manual