Part 2. Information Technology
Chapter 149. 9 IT Asset Management
Section 1. Asset Management Policy
September 23, 2015
(1) This transmits new Internal Revenue Service (IRS) Asset Management (AM) Policy.
(1) These policies define the Asset Management process and apply to all areas managing information technology assets.
Terence V. Milholland
Chief Technology Officer
Information Technology (IT) Asset Management Policy
User & Network Services (UNS) is responsible for the development, implementation and maintenance of this directive. Approval of this directive, including updates, rests with the Associate Chief Information Officer (ACIO) for UNS. All proposed changes to this directive must be submitted to the Service Asset & Configuration Management (SACM) organization in UNS.
This policy establishes authority and responsibility for the performance of IT asset management throughout the IRS. It also establishes policies and procedures for management and control of hardware and software assets throughout their lifecycle.
Asset Management (AM) is the process responsible for tracking and reporting the value and ownership of financial assets throughout their lifecycle. Asset Management is part of an overall Service Asset and Configuration Management Process. An IT asset is property or equipment that is part of the IT infrastructure, including hardware and software for IT and telecommunications data and voice that is in use, in reserve storage, or is awaiting disposal. All IRS organizations (including contractors) developing, maintaining, and controlling IT assets shall adhere to the mandates of this policy and all associated AM procedures. For additional information, refer to the Asset Management User Guides on the IT Process Asset Library: IT PAL.
All AM activities shall be planned, managed, implemented, and controlled in accordance with all applicable laws, regulations, IRS policies, processes, and procedures. Throughout the lifecycle of hardware and software assets, the following policies apply:
The Chief Technology Officer (CTO) is the official responsible for ownership, management, and control of IT property. Organizations other than IRS IT are not authorized to purchase, acquire, manage, move or maintain IT property. IRS IT is also responsible for the accounting and recording of IT property in the inventory system.
The CTO or other delegated executive shall ensure that necessary budget, labor, tools, and appropriate training are available to implement asset management policies and procedures.
This process supports the integrity of the data by ensuring accurate and complete asset records are maintained.
Reports shall contain complete, reliable, consistent, and timely financial information regarding IT assets.
Asset data shall be documented using approved procedures.
The IT asset records are periodically audited with the results reported to the applicable business and system stakeholders.
The personnel designated or assigned to perform asset management activities shall be trained in the standards, process, and procedures for performing these activities.
The collection of metrics is used to determine the status of asset management activities and effectiveness to support increasing capability maturation.
The asset management process shall ensure economic and efficient purchase, lease, maintenance, operation, and use of IT property.
The disposal of hardware assets shall include transfer of excess or surplus computer equipment to qualifying schools and educational non-profits as a high priority.
The IRS complies with audit requests from the Treasury Inspector General for Tax Administration’s (TIGTA) Office of Audit and resolves audit findings.
The IRS adheres to Government Accountability Office (GAO) policies and procedures.
Federal agencies are required to employ tracking systems, such as specialized fully automated applications depending on the needs of the organization, for software protected by quantity licenses to control copying and distribution and to help ensure that software is used in accordance with licensing agreements.
Bureaus are required periodically scan their networks to detect and remove any unauthorized or unlicensed software.
Federal agencies are required to develop software license management policies and procedures. Federal agencies are also required to prepare inventories of software present on computers to help to ensure that software is used in compliance with copyright laws.
Federal agencies are required to take inventory of their information technology assets and ensure they are not paying for unused or under utilized installed software.
The following lists the regulatory documents that validate the Asset Management Policy:
Public Law 89-306, Automated Data Processing Equipment
Office of Management and Budget (OMB) Circular A-123, Management’s Responsibility for Internal Controls
Treasury Department Publication 32-01, Accounting Principles and Standards OMB Circular A-127, Financial Management Systems
Public Law 101-576, Chief Financial Officers Act of 1990
Executive Order 12999, Educational Technology: Ensuring Opportunity for All Children in the Next Century
Public Law 104-106, Clinger-Cohen Act of 1996, formerly Information Technology Reform Act of 1996
IRM 220.127.116.11.5, Servicewide Policies and Authorities, Policy Statements for Information Technology Activities - Policy Statement 2-93 (formerly P-1-229)
Delegation Order 1-41 Delegation Order MITS-2-1-1, Authority to Approve IT Resources
Policies and Procedures Memorandum No. 46.5, Evidentiary Documentation in Support of Receipt and Acceptance
IRM 10.8.1, IT Security, Policy and Guidance
IRM 1.14.4, Personal Property Management, Facilities Management and Security Services
IRM 1.35.6, Administrative Accounting, Property and Equipment Accounting
Memorandum, dated September 5, 2008 and signed by the ACIO for UNS regarding Asset Inventory Requirements for Timely Updating of Inventory Records
Memorandum, dated September 8, 2008 and signed by the ACIO for UNS regarding Route All Hardware/Software WebIPS Requisitions through UNS Asset Management Program Office
IRM 18.104.22.168.11, Requisition Processing for IT Acquisition Products and Services, Introduction to Requisition Processing for Information Technology (IT), End User Equipment and Services - Additional Technical Reviews - Non Specific Tier related
National Institute of Standards and Technology Special Publication 800-53, Recommended Security Controls for Federal Information Systems and Organizations (Aug. 2009)
Treasury Directive Publication 85-01, Treasury IT Security Program (Nov. 3, 2006)
Executive Order, Department of the Treasury Directive 85-02, Software Piracy Policy (May 4, 2010)
IRM 10.8.2, IT Security Roles and Responsibilities (Apr. 29, 2011)
Executive Order 13103 (Sep. 30, 1998), Computer Software Piracy
Executive Order 13589, Promoting Efficient Spending (Nov. 09, 2011)
Asset Management - Enterprise-wide Software User Guide
Asset Management - UNS Software User Guide
Asset Management - Hardware User Guide
IRM 2.127, Software Testing Standards and Procedures
General Services Administration Bulletin Federal Management Regulation (FMR) B - 34, Disposal of Federal Electronic Assets
Memorandum, dated July 26, 2011 and signed by CTO for IRS Computer Room and Ownership and Management which assigns ownership of all Computer Rooms to Enterprise Operations