Publication 4812 – Contractor Security Controls


Functions as the standard for security controls to be employed by contractors who will have or need access to IRS information, and/or who will have or need access to, maintain or operate IRS information systems in order to perform or carry out and meet their contractual obligations. Publication 4812 is a “layperson's guide” to NIST SP 800-53 when access to IRS information or information systems under contracts for services on behalf of the IRS is outside of IRS controlled facilities or the direct control of the Service (as opposed to Internal Revenue Manual 10.8.1 - Information Technology (IT) Security, Policy and Guidance, which applies when contractors are accessing IRS information and information systems at Government controlled facilities).

Safeguarding Information and Unauthorized Disclosure Awareness

Contractors and their employees must be aware of their responsibilities under the law to safeguard the information, the procedures to follow when data is lost or compromised, and the penalties for unauthorized disclosure. Please follow these links for a brief video, Protecting Federal Tax Information Guide video and Publication 4465A - Protecting Federal Tax Information for Contractors, regarding a contractors’ responsibilities to protect Federal Tax Information. This is recommended training and does NOT replace or satisfy the Contractor mandatory annual Security Awareness Training (SAT).

IRS Contractor Data Breach Response Procedures

Pub 4812 provides the specific contractor requirements when an unauthorized access or disclosure of Federal Tax Information occurs. Visit Data Breach Information for IRS Contractors for an overview of breach response and reporting procedures.

Just in Time: Tips for Protecting Federal Tax Information Poster Series on CD

Order Pub 4981 poster series on CD, Tips for Protecting Federal Tax Information poster series, directly on at Forms and Publications by U. S. Mail