The ATO has announced an independent review of its information security practices following recent incidents within the ATO and the embarrassing loss of taxpayer records in the UK.
The independent review of information security procedures is designed to eliminate the possibility of mistakes, according to Tax Commissioner Michael D’Ascenzo. PricewaterhouseCoopers has been commissioned to undertake the review which is expected to be completed by March 2008.
The review will look at information security issues and how they relate to the ATO, including:
- current protections, policies, practices and assurance processes
- how the office compares with industry best practice
- the effectiveness of staff awareness programs
- classification of information
- different work areas and their needs
- emerging trends such as flexible, home-based working arrangements
- the differences between electronic and paper forms of information, and
- protocols for the movement and exchange of information