
Compliance Research Information System

Privacy Impact Assessment - Compliance Research Information System (CRIS)

CRIS System Overview

The Compliance Research Information System (CRIS) is a Major Application (MA) currently in the Implementation and Operational phase of the Information System Life Cycle (ISLC).  CRIS is in the process of performing major upgrades to hardware and software.  The system owner of CRIS is the Office of Research.  The IRS CRIS was designed and implemented specifically to measure compliance with the tax code.  CRIS is an analytic research tool for the IRS.  CRIS provides a scientific, statistical method to analyze data for compliance.  The general market research methodology employed by CRIS will provide the following:

* Identification of a tax market segment using one or more measurements of compliance
* Profiles of the market segment for patterns of compliant or non-compliant behavior
* Identification of potential initiatives to treat compliance problems
* Test results of potential initiatives
* Changes in behavior for the entire market segment

A variety of measures will be used to address filing timeliness, payment timeliness and completeness, and reporting accuracy.  These measures will provide a method of comparing one segment of the population to another or to itself in another time-period.  In addition, CRIS data will allow the Business Operating Divisions (BODs) research analysts to measure compliance nationally and locally.  Measures such as Potential Tax Increase, Voluntary Compliance Level, and various payment measures will help to identify and prioritize large groups of taxpayers that exhibit substantial noncompliance.

CRIS data is sample data extracted from the Individual Master File (IMF), and from the Payer Master File (PMF) and the Information Returns Master File (IRMF) housed at the XXXXXXXXX XXXXXXXX XXXXXXXX.  Individual taxpayer-identification information is removed from the IMF extract prior to user access.  CRIS also receives total population from the Business Master File (BMF) and the Business Return Transaction File (BRTF), housed at XXX XXX.  The extracted data from the MCC is transmitted to the XXX XXXXXXXXX XXXX XXXXX housed at the XXXXXXXX XXXXXXXXX XXXX via the Treasury Communications Enterprise (TCE).  Taxpayer identification information for the BMF extract is not removed.  This information may be used for further research and/or follow-up actions at a later date.  CRIS also receives data from the Bureau of Census.  The data received from the Bureau of Census is transmitted via the Internet to the XXX.  The data is sanitized prior to transmission to CRIS.

Once sanitized, the IMF data is used to build the Individual Filer Model (IFM) and the BMF is used to build the Business Filer Model (BFM).

Using the data provided by CRIS and reliable research studies, it will be possible to determine the causes of noncompliance and to develop, test, and implement effective, cost-efficient treatments for identified noncompliance.

I.  Data in the System

1. Generally describe the information to be used in the system in each of the following categories:

* Taxpayer: Taxpayer information that will be used in the CRIS includes the following forms.

> Form 1040, Individual Income Tax Return, from the IMF
> Form 1120, Corporate Business Filers, from the BMF
> Form 1120S, Specialized Forms, from the BMF
> Form 1065, Partnership Returns, from the BMF

* Employee:  Employee data used in this system consists of User Identification (ID), Location Code, Badge Number, Last Name, First Name, Phone Number, Position Code, and Email Address.

* Other:  Other data used in this system is received from the Bureau of Census and is sanitized prior to being loaded onto CRIS.

2. What are the sources of the information in the system? 

a. What IRS files and databases are used? 

CRIS will use files from the IFM, and from PMF and IRMF.  CRIS will also use information from the BRTF, and the BFM Corporate Business Filers Form 1120, Specialized Form 1120S, and Partnership Returns Form 1065.

b. What Federal Agencies are providing data for use in the system?

The Bureau of Census provides information to CRIS, which is sanitized prior to being loaded into CRIS.

c. What State and Local Agencies are providing data for use in the system? 

State and Local Agencies are not providing data for use in CRIS.

d. From what other third party sources will data be collected?

Data is not collected from any third party sources.

e. What information will be collected from the taxpayer/employee?

Only data contained on individual tax returns and business tax returns will be included in the samples analyzed. 

3. a. How will data collected from sources other than IRS records and the taxpayers be verified for accuracy?

The Bureau of Census is responsible for ensuring the accuracy of the data they provide to the IRS.

b. How will data be checked for completeness?

The Bureau of Census is responsible for ensuring the completeness of the data.

c. Is the data current? How do you know? 

The Bureau of Census is responsible for ensuring that only current data is provided to CRIS.

4. Are the data elements described in detail and documented?  If yes, what is the name of the document?

The data elements for CRIS are described in detail and documented using Microsoft Excel spreadsheets.  The name of this document is the CRIS Data Dictionary.


II.  Access to the Data 

1. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Other)?

IRS internal users with access to the data are the System Administrators, Database Administrators, Developers, Functional Security Coordinators, National Office Analyst, and District Office Analyst.  All IRS personnel who have access to CRIS have completed Form 5081 and are granted access only to those areas that are required for them to perform their duties.  Their access is immediately revoked when it is no longer required.

2. How is access to the data by a user determined?  Are criteria, procedures, controls, and responsibilities regarding access documented? 

Access to the data within the system is restricted.  Internal users are restricted to the databases to which they need access. 

Procedures and controls shall be documented in the CRIS Computer Security Plan (CSP) 2002, and system documentation.  The administrative user’s profile and roles are assigned by his/her manager on IRS Form 5081, which is reviewed by a CRIS System Administrator and established when user accounts and permissions are granted.

A user’s position and areas of responsibility determine the level of access to the data.  The System Manager and System Administrator grant approval for system access.  A user’s access to the data terminates when the user no longer requires access to CRIS.  Criteria, procedures, controls, and responsibilities regarding access are documented in the CRIS Security Features User’s Guide (SFUG).

The following mandatory rules are defined for users of all IRS computer and information systems:

* Users are forbidden to access or research any account, file, record, or application that is not required to perform official duties.

* Users are restricted to accessing or researching only accounts, files, records, or applications that are required to perform their official duties.

* Users are restricted from accessing their individual/spouse account, accounts of relatives, friends, neighbors, or any account in which the user has a personal or financial interest.  Users are restricted from accessing the accounts of famous or public persons unless given authorization.

* If asked to access an account or other sensitive or private information, users are required to verify that the request is authorized and valid.  Users will be held accountable if they access an unauthorized account.

* Users are required to protect passwords from disclosure and to refuse acceptance of passwords that are not delivered in a sealed envelope.  Users are required to log/sign off anytime they leave the computer or terminal.

* Users are required to retrieve all hard copy printouts in a timely manner, ensure that magnetic media is secured based on the sensitivity of the information contained, and practice proper labeling procedures.  Users are instructed not to disclose or discuss any IRS-related information with unauthorized individuals.

* Users are instructed to protect IRS employee internal work from disclosure.

* All vendors are to be escorted and monitored.

CRIS requires all users to identify themselves and provide proof of their identities by user identification (USERIDs) and passwords.  USERIDs and passwords are unique to each internal user. 

3. Will users have access to all data on the system or will the user’s access be restricted?

Currently, the developer has access to all data contained in CRIS.  All other access is restricted.  CRIS users will have limited access.  Access must be positively granted by management based on the employee's need-to-know and job duties.  

The CRIS Risk Assessment determined that the minimum-security class of C2 (Controlled Access Protection) is required for CRIS and that the system will operate in the System High Security Mode.  The System High Security Mode requires all users to have the appropriate clearances or authorization.  However, all users do not have the same need-to-know or access for all the information within the system.  Treasury and IRS directives require systems that contain Sensitive But Unclassified (SBU) information to attain C2 security functionality.

CRIS stores information protected under the Privacy Act of 1974.  In addition, the Commissioner of the IRS has designated that all IRS systems and associated data be categorized as SBU, and protected under IRC 6103, Confidentiality and Disclosure of Return and Return Information.  Risk Assessments have been performed in accordance with the following guidelines:

* IRM 25.10.1, Information Technology Security Policy and Guidance, January 1, 2002
* TD P 71-10, Security Manual, October 1, 1992
* TD P 85-03, Risk Assessment Guideline, June 1999
* CSC-STD-003-85, Guidance for Applying the Department of Defense Trusted Computer System Evaluation Criteria in Specific Environments (TCSEC), June 1985

4. What controls are in place to prevent the misuse (e.g. browsing) of data by those having access? 

CRIS uses audit trails as required by IRM 25.10.1, Information Technology Security Policy and Guidance, January 1, 2002.  A Functional Security Coordinator has been appointed.  Employees have been trained on the use of the system and their responsibilities concerning access and use of the data.

The following mandatory rules are defined for users of IRS computer and information systems:

* Users are forbidden to access or research any account, file, record, or application that is not required to perform official duties.

* Users are restricted to accessing or researching only accounts, files, records, or applications that are required to perform their official duties.

* Users are restricted from accessing their individual/spouse account, accounts of relatives, friends, neighbors, or any account in which the user has a personal or financial interest.  Users are restricted from accessing the accounts of a famous or public person unless given authorization to do so.

* If asked to access an account or other sensitive or private information, users are required to verify that the request is authorized and valid.  Users will be held accountable if they access an unauthorized account.

5. a. Do other systems share data or have access to data in this system?  If yes, explain.

Currently, no other systems share or have access to the data in CRIS.

b. Who will be responsible for protecting the privacy rights of the taxpayers and employees affected by the interface?

The Director of the Detroit Computing Center is responsible for protecting the privacy rights of taxpayers and employees regarding data contained within CRIS.

6. a. Will other agencies share data or have access to data in this system (International, Federal, State, Local, Other)?

External agencies have no access to the system with the exception of the Treasury Inspector General for Tax Administration (TIGTA) and General Accounting Office (GAO) for auditing purposes, and only for the amount of time required for the audit.  Information within the system will not be disclosed except as expressly authorized by IRC 6103.

b. How will the data be used by the agency?

Not Applicable.  No other agencies share data or have access to the data contained in or transmitted by CRIS.

c. Who is responsible for assuring proper use of the data?

Not Applicable.  No other agencies share data or have access to the data contained in or transmitted by CRIS.

d. How will the system ensure that agencies only get the information they are entitled to under IRC 6103?

Not Applicable.  No other agencies share data or have access to the data contained in or transmitted by CRIS.

External agencies have no access to the system with the exception of the TIGTA and the GAO for auditing purposes, and only for the amount of time required for the audit.  Information within the system will not be disclosed except as expressly authorized by IRC 6103.

III.  Attributes of the Data

1. Is the use of the data both relevant and necessary to the purpose for which the system is being designed?

Yes.  The data used in CRIS is both relevant and necessary to the purpose for which the system has been designed.  CRIS will be used to measure Service-wide strategic compliance measures.

2. a. Will the system derive new data or create previously unavailable data about an individual through aggregation from the information collected?

Yes. New data may be derived through aggregation.  However, the new data derived from aggregation will not affect the individual taxpayer.  Data is aggregated at the zip code level.

b. Will the new data be placed in the individual’s record (taxpayer or employee)?

New data is not placed in an individual’s record.  Analysis is not performed at the individual level.  Further, all individual taxpayer identification information is removed prior to being accessed by the CRIS users.

c. Can the system make determinations about taxpayers or employees that would not be possible without the new data?

Determinations will be made about segments of taxpayers.  Determinations cannot be made for individuals or employees.

d. How will the new data be verified for relevance and accuracy?

New data will be verified for relevance and accuracy using the CRIS analytical tools and trained analysts.

3. a. If data is being consolidated, what controls are in place to protect the data from unauthorized access or use?

The CRIS host platform protects data by assigning system attributes and resources to pre-defined applications and associated user groups.  Users are restricted to those capabilities for which they have been granted permission via the IRS Form 5081.  In addition, all IRS personnel receive annual training on the “Taxpayer Browsing Protection Act of 1997” (UNAX) and certify completion of the annual UNAX awareness briefing by signature and supervisory acknowledgement.

b. If processes are being consolidated, are the proper controls remaining in place to protect the data and prevent unauthorized access? 

Not Applicable.  CRIS does not consolidate processes.

4. How will the data be retrieved?  Can it be retrieved by personal identifier?  If yes, explain.

Users can retrieve data on segmented groups using city, state, and zip codes.

What are the potential effects on the due process rights of taxpayers and employees of:

a. consolidation and linkage of files and systems;

Not applicable.  CRIS does not consolidate or link files.

b. derivation of data;

The returns will be from Form 1040 returns for Individuals and Form 1120 Corporate Business returns.

c. accelerated information processing and decision making;

The accelerated information processing and decision making performed by CRIS does not affect the due process rights of the taxpayers or employees.

d. use of new technologies;

CRIS is not using technologies previously unknown to the IRS.

How are the effects to be mitigated?

Not applicable.  CRIS is not using technologies previously unknown to the IRS.


IV.  Maintenance of Administrative Controls

1. a. Explain how the system and its use will ensure equitable treatment of taxpayers and employees.

The purpose of CRIS is not to make determinations about an individual, single business, or their tax-related matters.  System management is responsible for the proper operation of the system, ensuring correct processing, as well as the oversight of employees’ use of the system and the data contained therein.

b. If the system is operated in more than one site, how will consistent use of the system and data be maintained in all sites?

CRIS is a menu-driven application, which will provide for the consistent use of the system.

c. Explain any possibility of disparate treatment of individuals or groups.

There is no possibility of disparate treatment of individuals or groups. 

2. a. What are the retention periods of data in this system?

A retention requirement for three years will be typical for most of the data models.  However, some data will be kept for trend studies, which will be used for tracking taxpayer characteristics and behaviors over long periods of time.  The retention requirement for some CRIS records will be as long as ten years.

b. What are the procedures for eliminating the data at the end of the retention period?  Where are the procedures documented?

To date, CRIS has not removed data from the system.  Procedures will be documented in the near future, and the data removed from the system will be archived to magnetic media. 

c. While the data is retained in the system, what are the requirements for determining if the data is still sufficiently accurate, relevant, timely, and complete to ensure fairness in making determinations?

The DCC has developed an extraction process that will allow for determining if the data is accurate and relevant.  The DCC maintains and controls the documentation for the extraction process.

3. a. Is the system using technologies in ways that the IRS has not previously employed (e.g., Caller-ID)?
 
No. CRIS is not using technologies in ways that the IRS has not previously employed.

b. How does the use of this technology affect taxpayer/employee privacy?

Not Applicable.  CRIS is not using technologies in ways that the IRS has not previously employed.

4. a. Will this system provide the capability to identify, locate, and monitor individuals?  If yes, explain.

No.  All individual taxpayer identification information is removed during the sanitizing process.

b. Will this system provide the capability to identify, locate, and monitor groups of people?  If yes, explain.

Yes.  CRIS provides the capability to identify and monitor groups of people but only by geographic level, using city, state, or zip code.

c. What controls will be used to prevent unauthorized monitoring?

Only authorized personnel will have access to CRIS.  In addition, all employees and contractors receive UNAX and Code of Conduct training.  Identification and access provisions are employed.

5. a. Under which Systems of Record Notice (SORN) does the system operate?  Provide number and name.
 
The applicable SORNs for CRIS are listed below.

42.021  Compliance Programs and Projects Files – Treasury/IRS
34.037  IRS Audit Trail and Security Records System

b. If the system is being modified, will the SORN require amendment or revision? Explain.

The SORNs identified for CRIS will not require amendment or revision. 


Page Last Reviewed or Updated: 18-Aug-2012