5.1.25 IDRS and Data Security for Collection
- 5.1.25.1 Program Scope and Objectives
  - 5.1.25.1.1 Background
  - 5.1.25.1.2 Authority
  - 5.1.25.1.3 Roles and Responsibilities
  - 5.1.25.1.4 Program Management and Review
  - 5.1.25.1.5 Program Controls
  - 5.1.25.1.6 Terms and Acronyms
  - 5.1.25.1.7 Related Resources
- 5.1.25.2 IDRS Security Personnel
  - 5.1.25.2.1 Managers of IDRS Users
  - 5.1.25.2.2 Data Security Analyst (DSA)
  - 5.1.25.2.3 Alternate Data Security Analyst (DSA)
  - 5.1.25.2.4 Terminal Security Administrator (TSA)
- 5.1.25.3 IDRS User Support
  - 5.1.25.3.1 IDRS Unit Profiles
  - 5.1.25.3.2 IDRS Command Codes
    - 5.1.25.3.2.1 Requests for Common Command Codes
    - 5.1.25.3.2.2 Requests for Uncommon Command Codes
- 5.1.25.4 IDRS Online Reports Services (IORS)
  - 5.1.25.4.1 Types of IORS Reports
    - 5.1.25.4.1.1 Weekly Security Reports - Review and Action (No Certification Required)
    - 5.1.25.4.1.2 Monthly Security Reports - Review and Action (No Certification Required)
    - 5.1.25.4.1.3 Security Reports Requiring Certification
      - 5.1.25.4.1.3.1 Weekly Security Violations Report
      - 5.1.25.4.1.3.2 Weekly Sensitive Access (Other/Spouse)
- 5.1.25.5 Monthly IDRS Security Profile Report
  - 5.1.25.5.1 Locked Profiles
  - 5.1.25.5.2 Automated Command Code Access Control / Restrictions
  - 5.1.25.5.3 Sensitive Command Code Combinations
  - 5.1.25.5.4 Security Command Code Usage
  - 5.1.25.5.5 Master Register of Active IDRS Users
  - 5.1.25.5.6 Command Code Activity
  - 5.1.25.5.7 IORS Documentation
- 5.1.25.6 Security Audit and Analysis System (SAAS)
- 5.1.25.7 Form 11377 / 11377-E, Taxpayer Data Access
- Exhibit 5.1.25-1 Acronyms
- Exhibit 5.1.25-2 Common Command Codes - SB/SE Collection Operations and Operations Support

Part 5. Collecting Process

Chapter 1. Field Collecting Procedures

Section 25. IDRS and Data Security for Collection

5.1.25 IDRS and Data Security for Collection

Manual Transmittal

February 26, 2025

Purpose

(1) This transmits revised IRM 5.1.25, Field Collecting Procedures, IDRS and Data Security for Collection.

Material Changes

(1) IRM 5.1.25, Audience: Updated Director’s Name and Title.

(2) IRM 5.1.25.1.1 (2), Background: Updated IRM reference.

(3) IRM 5.1.25.1.3, Roles and Responsibilities: Changed title name.

(4) IRM 5.1.25.1.7 (2), Related Resources, Website References, Document 6209, IRS Processing Codes and Information: Updated link.

(5) IRM 5.1.25.1.7 (2), Related Resources, Website References, SB/SE Collection IDRS Data Security Contact List: Updated link.

(6) IRM 5.1.25.2 (1), IDRS Security Personnel: Updated IRM reference.

(7) IRM 5.1.25.3 (4), IDRS User Support, Request New Application (Add User) Updated "EOPS" to "Cybersecurity" due to name change.

(8) IRM 5.1.25.3 (4), IDRS User Support, (Modify User profile Add/delete security command codes): Updated "EOPS" to "Cybersecurity" due to name change.

(9) IRM 5.1.25.3 (4), IDRS User Support, (Delete account/Delete user): Updated "EOPS" to "Cybersecurity" due to name change.

(10) IRM 5.1.25.3.2.2 (1) , Requests for Uncommon Command Codes: Updated table formatting.

(11) IRM 5.1.25.3.2.2 (4), Requests for Uncommon Command Codes: Added new subsection to list command codes that should not be added to the profile.

(12) IRM 5.1.25.3.2.2 (5) Requests for Uncommon Command Codes: Added new subsection to list non-profiled command codes.

(13) IRM 5.1.25.4.1.3.1 (3)a)b)c) Weekly Security Violations Report: Added new subsection to provide instructions on reviewing four or more violations.

(14) IRM 5.1.25.5.1 (2)c), Monthly IDRS Security Profile Report, Locked Profiles: Updated "EOPS" to "Cybersecurity" due to name change.

(15) IRM Exhibit 5.1.25-1, Acronyms: Removed EOPS, Enterprise Operations from table.

(16) IRM Exhibit 5.1.25-2, Command Codes - SB/SE Collection Operations and Operations Support: Updated table formatting.

(17) IRM Exhibit 5.1.25-2, Command Codes - SB/SE Collection Operations and Operations Support: Updated table formatting for Specialty Collection - Centralized Campus Operations: Insolvency and Offer in Compromise.

(18) Editorial changes were made throughout the IRM to clarify language, correct typographical errors and formatting, and to update/add links, website addresses and/or titles.

Effect on Other Documents

This IRM supersedes IRM 5.1.25 dated October 16, 2023.

Audience

Small Business/Self-Employed, Collection Operations and SB/SE Operation Support Employees.

Effective Date

(02-26-2025)

Rashaunda B. Simmons
Director, Headquarters Collection Quality & Technical Support
Small Business/Self Employed

5.1.25.1 (06-08-2020)

Program Scope and Objectives

Purpose: This IRM section provides policies and guidance to carry out security of the Integrated Data Retrieval System (IDRS) and other applications, which contain taxpayer return and return information.

Audience: This IRM is directed toward Small Business/Self Employed (SB/SE), Collection Operations managers, Operation Support managers and the IDRS Data Security group. The audience includes:

Organization	Offices
Collection Operations	Civil Enforcement, Advice and Support Operations Field Collection Headquarters Collection Planning and Performance Analysis Specialty Collection - Insolvency Specialty Collection - Offer in Compromise
Operations Support	Business Development Business Support SB/SE Human Capital Technology Solutions

Policy Owner: The Director, Collection Operations - Headquarters Collection - Quality and Technical Support is responsible for issuing policy.
Program Owner: The program owner is the IDRS Data Security Group, under Collection Automation Support & Security (CASS), an organization within SB/SE – Quality and Technical Support.
Primary Stakeholders: The primary stakeholders are SB/SE Collection Operations and Operations Support.
Program Goals: The primary goal of this IRM is to provide procedural guidance, ensuring consistency with the work product. This includes the timely review and certification of security reports along with addressing user support inquiries, not detailed in another IRM.

5.1.25.1.1 (02-26-2025)

Background

IRM 5.1.25, IDRS and Data Security for Collection, further defines requirements found in IRM 10.8.1, Information Technology (IT) Security, Policy and Guidance and IRM 10.8.34, Information Technology (IT) Security, IDRS Security Controls.
The IRM 10.8.34.7.1.3, Information Technology (IT) Security IDRS Security Controls, Roles and Responsibilities, Manager, states the managers of IDRS users are responsible for day-to-day implementation and administration of IDRS security in their group. SB/SE Collection Operations and Operations Support established dedicated Unit Security Representatives (USRs), known by their organizational title as Data Security Analysts (DSAs).
DSAs are responsible for ensuring all aspects of data security are followed and coordinate with the Group Manager where issues arise.

5.1.25.1.2 (08-02-2019)

Authority

The following three IRMs define overall IDRS security requirements:
1. IRM 10.8.1, Information Technology (IT) Security, Policy and Guidance
2. IRM 10.8.2, Information Technology (IT) Security, IT Security Roles, and Responsibilities
3. IRM 10.8.34, Information Technology (IT) Security, IDRS Security Controls
In the event of a discrepancy, information in Part 10 takes precedence over this IRM unless requirements within this IRM are more stringent.

5.1.25.1.3 (02-26-2025)

Roles and Responsibilities

The IDRS Data Security Group is assigned to the CASS function. DSAs in Collection perform the security duties, which in other functions fall to managers of IDRS users. See IRM 1.1.16.3.3.3.2, Collection Automation Support & Security, for information on the role and mission of the CASS function.
IRM 5.1.25.2, IDRS Security Personnel, further defines the roles of the Group Manager, DSA, Alternate DSA, and Terminal Security Administrator (TSA).

5.1.25.1.4 (06-08-2020)

Program Management and Review

SB/SE Collection IDRS Data Security Manager:
1. monitors and reviews IDRS Online Reports Services (IORS) reports and Security Audit and Analysis System (SAAS) work products to ensure security reports are thoroughly reviewed and timely certified.
2. collaborates with SB/SE Collection Operations, Operations Support and IT Cybersecurity personnel to address emerging issues.
CASS Program Manager conducts annual operational reviews following general guidelines in IRM 1.4.50, Collection Group Manager, Territory Manager and Area Director Operational Aid.

5.1.25.1.5 (08-02-2019)

Program Controls

The IORS application maintains a record of all certifications by the Primary Report Reviewer for each report requiring certification and for each IDRS unit under their responsibility.
Business organizations shall achieve at least a 90% certification rate for their security reports.
Cybersecurity IDRS Security analysts:
1. review IORS utility reports to determine whether IORS Primary Report Reviewers in their campus domain(s) are reviewing IDRS security reports in a timely manner, certifying the reports, and taking the appropriate action, as needed.
2. at least weekly, provide business organizations in their campus domain(s) with a list of uncertified reports.
3. work with business organizations in their campus domain(s) to address IDRS security report certification related issues.
4. advise business organizations in their campus domain(s) of any units where a Primary Report Reviewer has not been designated.
IDRS Security Program Management Office performs a compliance review of IDRS security report certifications at least once every six months to determine the timely certification rate of business organizations.

5.1.25.1.6 (10-16-2023)

Terms and Acronyms

This IRM section contains the following terms:

Term	Definition
Audit Trail	A chronological record of transactions entered on IDRS or related applications.
BEARS	The BEARS application is a means to request and document user access to systems/applications. Users access the BEARS application via a website on the IRS Intranet. BEARS has a user base of 100,000 + nationwide and does not collect taxpayer information. BEARS replaced the OL5081 application.
Campus	A centralized Internal Revenue Service processing site.
Certification	Refers to the process by which an IDRS user’s sensitive accesses and security violations have been verified as appropriate or addressed.
Command Codes	A five-character terminal input on IDRS to extract a specific set of data or used to input an action.
IDRS	Integrated Data Retrieval System – a computer system with the capability to obtain or update information on taxpayer accounts.
Shared Administrative Associate	The Shared Administrative Associate (SAA) position provides administrative, clerical and case processing support to managers and technical employees with the ability to utilize IDRS cross-functionally throughout assigned organizations.
Timely	In accordance with established due dates.

A list of commonly used acronyms and their definitions are in IRM Exhibit 5.1.25-1.
Additional acceptable acronyms and abbreviations are in ReferenceNet at: Acronyms Database.

5.1.25.1.7 (02-26-2025)

Related Resources

IRM References:
- IRM 2.3, IDRS Terminal Responses
- IRM 2.4, IDRS Terminal Input
Website References:
- CFOL (Corporate Files On-Line) Express: CFOL-Express.pdf
- Collection Automation Support & Security (CASS) SharePoint site: CASS Employee SharePoint Site
- Document 6209, IRS Processing Codes and Information: SERP - 6209 - IRM Supplements
- IDRS Command Code Job Aid: IDRS Command Code Job Aid
- IDRS Online Report Services (IORS): Overview - IORS (irs.gov)
- IDRS Unit and USR Database (IUUD): IUUD - IORS (irs.gov)
- SB/SE Collection IDRS Data Security Contact List: IDRS Data Security - SBSE Collection - Who/Where - SERP
- Taxpayer Bill of Rights: Taxpayer Bill of Rights | Internal Revenue Service
- Taxpayer Data Access Library: SBSE Service Center and Collection (sharepoint.com)

5.1.25.2 (02-26-2025)

IDRS Security Personnel

This section provides supplemental roles and responsibilities for personnel who have IDRS security-related responsibilities. These roles are further defined in IRM 10.8.34.1.3, Roles and Responsibilities.

5.1.25.2.1 (10-16-2023)

Managers of IDRS Users

SB/SE Collection Operations and Operations Support Managers:
1. coordinate with the DSA to ensure IDRS security is effectively implemented for the unit/group.
2. advise the DSA when a user is transferred in or out of the workgroup.
3. arrange periodic IDRS and Data Security awareness presentations for the workgroup. Contact your assigned DSA for a group presentation.
4. ensure the DSA is notified immediately when an IDRS user no longer requires system access.
5. respond within five business days to the DSA with findings related to questionable accesses and/or other security report inquiries.
SB/SE Collection Operations and Operations Support Managers may:
1. request secondary permissions in IORS to view, add comments, and/or print their own unit reports.
2. Night shift Campus Function managers only can request to be designated as an Alternate USR with appropriate BEARS entitlement for specified command codes.
3. request to be designated as a Terminal Security Administrator
4. designate a bargaining unit employee (e.g. Lead) to be an Alternate USR. However, a bargaining unit Alternate USR is not allowed to review another employee’s IDRS actions.
Note:

This designation does not impact the roles and responsibilities of the DSA.

5.1.25.2.2 (10-16-2023)

Data Security Analyst (DSA)

The DSA:
1. is listed as the IORS Primary Reviewer and the Primary USR on the IDRS Unit and USR Database (IUUD) for their assigned IDRS units.
2. is assigned a range of IDRS unit numbers aligned within SB/SE Collection Operations and Operations Support areas.
3. maintains an active IDRS profile on both the Enterprise Computing Center - Martinsburg (ECC-MTB) and Enterprise Computing Center - Memphis (ECC-MEM) to ensure unrestricted backup support.
4. is profiled with ALLOW permissions to support users on all SB/SE home campuses.
5. is responsible for the review and certification of IORS and Security Audit and Analysis System (SAAS) reports.
The DSA also performs the following unit and account administration related tasks:
1. Support the program goals of IT Cybersecurity by providing assistance, analysis and recommendations for action to SB/SE Collection Operations and Operations Support management.
2. Responds to Group Manager or both Primary Manager/Sharing Manager of Shared Administrative Associate(SAA) request to add or delete command codes sent directly to DSA or the centralized mailbox (*SBSE CASS IDRS Security).
3. Request new IDRS command codes for the unit profile using Form 9937, IDRS Unit Request
4. Respond to user requests to unlock IDRS profiles and terminals.
5. Support related functions, such as the IDRS Password Management Capability and the Integrated Automation Technologies (IAT) tool bar
6. Maintain a centralized storage of Form 11377 and Form 11377-E, Taxpayer Data Access for each SB/SE Collection Operations and Operations Support area.
7. Use IORS to monitor IDRS usage and security.
8. Use Security Audit and Analysis System (SAAS) to monitor accesses to the Transcript Delivery System (TDS) and Modernized e-File Return Request & Display (MeF-RRD).
9. Approve BEARS entitlements to add, delete or modify IDRS user profiles.
10. Coordinate with other CASS functions to support reorganizations through the SB/SE Request for Organizational Change process.
11. Submit updates to the IUUD to reflect current managerial contact information.

5.1.25.2.3 (06-08-2020)

Alternate Data Security Analyst (DSA)

At CASS management’s discretion, a cadre of Alternate DSAs perform the role of the Primary DSA as a collateral duty. Additionally, they:
1. are non-bargaining unit employees.
2. maintain active profiles on the ECC-MTB and ECC-MEM.
3. are profiled with ALLOW permissions to support users on all SB/SE home campuses.

5.1.25.2.4 (08-02-2019)

Terminal Security Administrator (TSA)

A Terminal Security Administrator (TSA) is designated by area management to provide additional IDRS user support in unlocking IDRS user profiles and terminals only. TSAs are bargaining unit or non-bargaining unit employees.

5.1.25.3 (02-26-2025)

IDRS User Support

IDRS users or their managers are encouraged to submit all requests to a centralized mailbox at *SBSE CASS IDRS Security. The mailbox is generally staffed from 6:00 a.m. to 5:00 p.m. (Central Standard Time) Monday through Friday.
Routine requests submitted by e-mail are generally completed within thirty minutes of receipt, except where final approval is required by the Campus IDRS Security Analyst.

Upon receipt of an e-mail request from an IDRS user or manager, the DSA is responsible for providing IDRS user support as follows:

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ Note: ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ Exception: ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

The actions requested below require the IDRS user or manager to submit a BEARS entitlement request.

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ Note: ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ Note: ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ Note: ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ Note: ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ Note: ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

5.1.25.3.1 (10-16-2023)

IDRS Unit Profiles

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
1. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
2. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
3. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡

5.1.25.3.2 (10-16-2023)

IDRS Command Codes

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

5.1.25.3.2.1 (06-08-2020)

Requests for Common Command Codes

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

5.1.25.3.2.2 (02-26-2025)

Requests for Uncommon Command Codes

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ Note: ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

5.1.25.4 (08-02-2019)

IDRS Online Reports Services (IORS)

IORS is a web based application that makes IDRS security reports available online to IDRS security staffs and authorized business reviewers.
The DSA is designated as the IORS Primary Reviewer for all Collection Operations and Operations Support IDRS units.
Managers of IDRS users may be granted secondary permissions in IORS to view, add comments, and print IORS reports for their assigned unit.

5.1.25.4.1 (08-24-2016)

Types of IORS Reports

There are four weekly security reports available to authorized users for review and necessary actions.
- Employee Count by Site/Unit
- Master Register of Active IDRS Users
- Security Violations
- Sensitive Access (Other/Spouse)
There are three monthly reports available to authorized users for review and necessary actions.
- Automated IDRS Sign-Offs Due to User Inactivity
- Monthly IDRS Security Profile Report
- Password Management Activations

5.1.25.4.1.1 (12-11-2014)

Weekly Security Reports - Review and Action (No Certification Required)

The Employee Count by Site/Unit report lists the number of active users in each unit. The DSA reviews this report and take action as warranted, such as deleting empty units that are no longer required to support the area footprint.
The Master Register of Active IDRS Users report lists numerous fields of information for all active users in the unit. The DSA incorporates the Master Register of Active IDRS Users report in their monthly security review activities.

5.1.25.4.1.2 (02-26-2025)

Monthly Security Reports - Review and Action (No Certification Required)

The Automated IDRS Sign-Offs Due to User Inactivity report lists those users whose IDRS sessions terminated after 120 minutes of inactivity. The DSA takes the following action:
1. Identify IDRS users with 15 or more automatic sign-offs in a month.
2. Advise those users to sign-off IDRS when not in use to prevent an unauthorized access.
3. Instruct users how to periodically refresh their IDRS session if IDRS is required on a continuous basis.
Note:

While this report is not certified independently, it is incorporated as an aspect of certifying the Monthly IDRS Security Profile Report.
The Password Management Activations report lists the number of users in each unit who have activated this capability. Where a unit fails to reflect a 100% activation rate, the DSA researches to determine if IDRS Password Management has been activated since the report was generated.
- If yes, no further action is warranted.
- If no, the DSA sends an e-mail to the user with a copy to the manager requesting the user to activate the IDRS Password Management capability. The DSA attaches the instructions to assist the user with activation.
Note:

While this report is not certified independently, it is incorporated as an aspect of certifying the Monthly IDRS Security Profile Report.

5.1.25.4.1.3 (08-24-2016)

Security Reports Requiring Certification

The DSA is required to review and certify the following security reports:
- Weekly Security Violations Report
- Weekly Sensitive Access (Other/Spouse)
- Monthly IDRS Security Profile Report

5.1.25.4.1.3.1 (02-26-2025)

Weekly Security Violations Report

This report lists all security violations recorded by IDRS users, such as:
- Password Mismatch
- Name Mismatch
- SINON Error (PWMGT)
- Response Error (PWMGT)
- Command Code Not in Profile
- Locked Profile
- Excessive Use (PWMGT)
Timely certification is within 14 calendar days after the end date for the period.
DSAs are required to review and certify four or more violations of the same type as follows:
1. DSAs and managers must follow-up with users who have four or more violations of the same type during the report period or there is a pattern of the employee committing the same violation in consecutive report periods.
2. DSAs and managers who notice a consistent pattern of a user having password mismatch errors must confirm with the user that the employee is committing these errors and that someone else is not trying to guess at their password.
3. Users with repeated CC Not in Profile violations must be shown how to check their profiles, by using SFDISP to determine which command codes are available for their use.

The DSA is required to complete the research and take appropriate actions as follows:

The report reflects a user with SINON violations.

If	Then
The research shows a user has four or more violations with any combination of: Password Mismatch Name Mismatch	Send an e-mail to the user, with a courtesy copy (cc:) to the manager to confirm the following: The user committed these errors The violations were not the result of an unauthorized attempt to access IDRS. Note: If the user contacted a DSA or the IDRS centralized mailbox, an e-mail is not required. Advise Treasury Inspector General for Tax Administration (TIGTA) of the user's response if the user does not agree they committed the violations.
The research shows a user has one or more IDRS Password Management violations such as: SINON Error Response Error Incomplete Excessive Use	Send an e-mail to the user, with a courtesy copy (cc:) to the manager with instructions on how to reset IDRS Password Management. Note: Excessive Use Send an email to the user with a courtesy copy(cc:) to the manager to advise employee cannot use Password Management capability successfully more than five times within a 30-day period. If employee has exceeded their usage limit and needs a password submit a Password Reset BEARS entitlement.

Then

The research shows a user has four or more violations with any combination of:

Password Mismatch
Name Mismatch

Send an e-mail to the user, with a courtesy copy (cc:) to the manager to confirm the following:
- The user committed these errors
- The violations were not the result of an unauthorized attempt to access IDRS.
  
  Note:
  
  If the user contacted a DSA or the IDRS centralized mailbox, an e-mail is not required.
Advise Treasury Inspector General for Tax Administration (TIGTA) of the user's response if the user does not agree they committed the violations.

The research shows a user has one or more IDRS Password Management violations such as:

SINON Error
Response Error
Incomplete
Excessive Use

Send an e-mail to the user, with a courtesy copy (cc:) to the manager with instructions on how to reset IDRS Password Management.

Note:

Excessive Use Send an email to the user with a courtesy copy(cc:) to the manager to advise employee cannot use Password Management capability successfully more than five times within a 30-day period. If employee has exceeded their usage limit and needs a password submit a Password Reset BEARS entitlement.

The report reflects a user with four or more Command Code Not in Profile violations. Research the user's profile to determine if the command code(s) were previously added.

If	Then
Command Codes(s) were previously added	No further action is required
Command Code(s) were not previously added.	Determine if the command code(s) is authorized for SB/SE Collection Operations and Operations Support function and position use (Refer to IRM 5.1.25.3.2, IDRS Command Codes). If authorized, e-mail the user with a cc: to the manager stating: The command code(s) accessed resulted in a security violation. If the command code is needed for their position, to obtain managerial approval to have the command code added to their profile. Note: If not needed or it was an input error, no further action is required. If not authorized, e-mail the user, with a courtesy copy (cc:) to the manager, advising the command code is restricted and/or not allowed in SB/SE Collection Operations and Operations Support profiles.

Then

Command Codes(s) were previously added

No further action is required

Command Code(s) were not previously added.

Determine if the command code(s) is authorized for SB/SE Collection Operations and Operations Support function and position use (Refer to IRM 5.1.25.3.2, IDRS Command Codes).
If authorized, e-mail the user with a cc: to the manager stating:
- The command code(s) accessed resulted in a security violation.
- If the command code is needed for their position, to obtain managerial approval to have the command code added to their profile.
  
  Note:
  
  If not needed or it was an input error, no further action is required.
If not authorized, e-mail the user, with a courtesy copy (cc:) to the manager, advising the command code is restricted and/or not allowed in SB/SE Collection Operations and Operations Support profiles.

The report shows a user with a Locked Profile violation. Research the user's profile to determine the current status.

Example:

System Lock due to inactivity, Security Lock, or the employee initiated a Self-Lock.

If	Then
The IDRS profile is unlocked	No further action is required.
A System Inactivity Lock exists	The manager determines if account is unlocked or remains locked.
A 21 Day Non-PIV IDRS SINON Usage Lock	The DSA determines if employee has an active PIV card and assists with SACS/IDRS PIV Authentication installation. The DSA provides guidance with instructions to sign on IDRS using their SMART card Pin.
A Security Lock exists	Contact the manager to request the current status of the user.
A Self-Lock was initiated	Review the dates the Self-Lock was set and date the violation occurred. On a case-by-case basis, the DSA contacts the manager to determine if the employee is out of the office for the period in question.

The DSA documents IORS for every actionable event.
In the comments area, the DSA documents all research, contacts made with the user or manager, and their conclusion.
For each individual action taken, the DSA selects the appropriate action for the event from the drop-down menu:
- Review Completed - No Follow-up Needed
- Review Completed - Follow-up Performed
- Follow-up Action Required
- Other (Comment Required)

The DSA addresses Report Level Actions, Report Level Comments and Current Certification Status, which apply to all displayed units.

Report Level Items	Actions
Report Level Actions	Reviewed and Validated - No Follow-up Action Needed Follow-up Action Needed Follow-up Action Completed Referred to AWSS or TIGTA Other (Comment Required)
Report Level Comments	The DSA summarizes actions taken to review the Weekly report.
Current Certification Status	Report Certified Remove Certification / Not Certifying

5.1.25.4.1.3.2 (02-26-2025)

Weekly Sensitive Access (Other/Spouse)

This report lists users who attempted or accessed other employees’ or the spouses/ex-spouse of other employees’ accounts.
The DSA is required to review each unique Social Security Number (SSN) to ensure all accesses to other Internal Revenue Service (IRS) employees' and/or their spouses' accounts are business-related.
Accesses are supported by one of the following:

Note:

Prior certifications are found by clicking the "View All Accesses by User to Same SSN Within 12 Months" link.
1. Direct case assignment in SB/SE Collection inventory applications, such as the Integrated Collection System (ICS), Automated Insolvency System (AIS), or Automated Offers in Compromise (AOIC).
2. Related case assignment on SB/SE Collection inventory applications.
3. Evidence of cross compliance checks.
4. Department of Justice or other official requests.
5. Confirmed input error supported by the identification of another assigned case with similar Taxpayer Identification Number (TIN), such as a transposition or formatting error.
The DSA is required to certify all accesses through collection case assignment by querying the SSN on SB/SE Collection inventory applications. When the accessing user is assigned the case or is another member of the same group the DSA certifies the access.

Note:

The DSA leaves a history on ICS identifying the purpose of the access.
Timely certification is within 14 calendar days after the end date for the period.

The DSA takes the action shown in the following table if unable to certify the access:

If	Then
No record is located on the inventory applications	Research Form 11377s on the Taxpayer Data Access Library.
A document exists with sufficient explanation	Certify the access.
No document exists	Research IDRS and/or other applications, such as Accounts Management Services (AMS) to locate a cross-reference TIN.
A cross-reference TIN is located	Research inventory applications to determine whether the related TIN controls case assignment.

Note:

The DSA prepares Form 11377 or Form 11377-E for all IDRS accesses of employee/spouse accounts to include in Box 10:

Which Campus report researched
IORS week XX
Reason for the Access
Submit the form to the SB/SE Collection IDRS Data Security Manager.

If the research performed above does not confirm or certify the access the DSA emails the manager of the accessing user to validate the access.
If the research above does not confirm or certify SAA accesses, the DSA emails the primary manager and sharing manager of the SAA employee.

The DSA requests a response within five business days and includes the following in the e-mail:

Specific information to identify the user
The date and time stamp of the access
The account accessed
The command codes accessed
The DSA's research

Note:

Based on the e-mail response, the DSA takes the following action:

If	Then
Response from: The manager provides a valid reason for the access. The primary manager and/or sharing manager provide a valid reason for the SAA employee access.	The DSA conducts additional research to confirm a related case assignment. Example: If the response states the access is a cross compliance check to a business entity or a transposition error, the DSA independently confirms the actual case assignment. Exception: Centralized Campus Operations receive recorded phone calls, which are retained and reviewed locally, for up to 30 days after the contact. Example: If the response shows the relationship between the questionable access and the TIN assigned to the employee, trainee, or group.
The manager cannot provide a valid reason for the access	The DSA initiates Form 9936, Request for Audit Trail Extract, to view what actions were recorded before and after the access in question. Note: If a manager requires an IDRS audit trail for any reason not associated with a security report, they request it through the DSA or by direct contact with IT Cybersecurity.
The manager has not replied within five business days	The DSA sends a copy of the initial e-mail to the Territory Manager with a cc: to the Group Manager.
The DSA does not receive a response within an additional five business days	The DSA notifies the SB/SE Collection IDRS Data Security Manager.
The DSA cannot certify an access through independent research, managerial response and/or reviewing audit trails	The DSA submits a referral to TIGTA for follow up in accordance with IRM 10.8.34.2.2.8(9)h, Security Reports Requiring Certification by a Primary Report Reviewer.

In the comments area on IORS, the DSA clearly and concisely documents all research conducted and actions taken. This includes research results and any contacts with the user and/or manager. The comments provide enough detail to enable any reviewer to understand how the DSA certified the access or why it was referred to TIGTA.

Note:

If a TIGTA referral is required, the DSA certifies the report and subsequently records the complaint number upon receipt.
For each unique SSN, the DSA selects the appropriate action for the event from the drop-down menu:
- Review Completed - No Follow-up Needed
- Review Completed - Follow-up Performed
- Follow-up Action Required
- Other (Comment Required)
The DSA addresses Assign Report Level Items, Report Level Comments and Current Certification Status, which apply to all displayed units as shown in IRM 5.1.25.4.1.3.1(7).

Note:

If the DSA sets the Assign Report Level Action to "Follow-up Action Needed" , and the Current Certification Status to "Remove Certification / Not Certifying" , they ensure the report is monitored through certification.

5.1.25.5 (06-08-2020)

Monthly IDRS Security Profile Report

The Monthly Security Profile Report provides a summary of various IDRS security aspects. Every unit is reviewed for the following categories:
- Locked Profiles
- Automated Command Code Access Control/ Restrictions
- Sensitive Command Code Combinations
- Security Command Code Usage
- Master Register of Active IDRS Users
- Command Code Activity
Timely certification is within 28 calendar days after the end date for the period.

5.1.25.5.1 (02-26-2025)

Locked Profiles

The DSA reviews locked IDRS profiles of 28 days or more due to inactivity. Research IDRS to determine if the user has been deleted from IDRS or if the profile is still locked.
1. If the user profile has since been unlocked or deleted, no further action is required.
2. If the user profile is still locked, the DSA sends an e-mail to the manager to determine if the user still requires IDRS access.
3. If the user profile has a 21 Day Non-PIV IDRS SINON usage lock. The DSA determines if the employee has an active PIV card and assists with SAC/ IDRS PIV Authentication installation. The DSA provides guidance with instructions to sign on IDRS using SMART card Pin.
Based on the manager's response, the DSA performs the following action:
1. If the manager confirms the user requires IDRS access, the user is unlocked upon request.
2. If the manager determines the user no longer requires IDRS access, the DSA advise manager to initiate a Remove Access BEARS entitlement. If expedited treatment is required, the manager contacts the DSA who manually deletes the user from IDRS.
3. Cybersecurity process BEARS Others entitlements daily to remove requested active IDRS applications.

5.1.25.5.2 (02-26-2025)

Automated Command Code Access Control / Restrictions

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
1. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡
2. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡
3. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡
4. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

Note:

≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

Exception:

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
1. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
2. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
3. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
1. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
2. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
3. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
4. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
- ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
Note:

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

5.1.25.5.3 (08-02-2019)

Sensitive Command Code Combinations

SB/SE Collection Operations and Operations Support IDRS units may contain sensitive command code combinations, which require increased oversight. See Exhibit IRM 10.8.34-6, Sensitive Command Code Combinations, for the list of codes.
The DSA ensures the UCCP does not contain any sensitive command code combinations.
The DSA sends the Sensitive Command Code Combination reports to the manager for monitoring.

5.1.25.5.4 (10-16-2023)

Security Command Code Usage

The DSA queries their units to identify the use of security command codes to ensure they are apprised of all users approved by local management to function as Alternate USRs or TSAs.
If security command codes have not been used for over six months, contact the user's manager to confirm the user's security role. Based on the manager's response, perform the following actions:
1. If the manager concurs with the user's continued security role, no further action is required.
2. If the manager determines the user no longer requires security command codes, direct the manager to initiate a Modify Access BEARS entitlement request to delete the user's security command codes.
Exception:

The Centralized Campus Operations are exempt as each Group Manager and/or Lead typically has access to their own unit and/or work second shift when no other coverage is available.

5.1.25.5.5 (08-02-2019)

Master Register of Active IDRS Users

The Master Register lists active IDRS users in the unit.
The DSA validates each workgroup’s Master Register in any way they deem appropriate to identify discrepancies.
The DSA is responsible for taking any corrective actions necessary, such as: moving the user to another unit, updating the user’s phone number in IDRS and confirming approved pseudonym names are reflected in IDRS.

5.1.25.5.6 (08-24-2016)

Command Code Activity

The DSA reviews unit and individual command code usage to determine:
1. if the MPAF command codes are appropriate for the work performed by the users in the unit.
2. whether UCCP command codes are used by at least 90 percent of IDRS users in the unit. The UCCP shall not contain any sensitive command codes unless 100 percent of the employees in the unit need the command code to do their work.
The DSA reviews the profile of each IDRS user to identify any unauthorized command codes. See Exhibit 5.1.25-2 for a list of common MPAF production command codes approved for use by SB/SE Collection Operations and Operations Support.
Based on results of the unit and individual command code review, take the following action, if appropriate:
1. Request the IDRS Security Account Administrator modify or delete the command codes that are not authorized, used, or no longer needed in the MPAF or UCCP.
2. Review users with command code REPTS in their profile, especially users in IORS specific units, to determine if IORS access is still needed.
  
  Exception:
  
  The Centralized Campus Operations are exempt as each Group Manager and/or Lead typically has access to their own unit and/or work second shift when no other coverage is available.
3. Report questionable patterns of command code activities to the manager.

5.1.25.5.7 (08-02-2019)

IORS Documentation

The DSA enters comments at the Report Level Items, as the Monthly Security Profile Report is certified in its entirety.
The DSA summarizes actions taken to address each security aspect. The monthly review includes the entire area or a specific unit range.
The DSA addresses all Report Level Items, Report Level Comments and Current Certification Status which apply to all displayed units as shown in IRM 5.1.25.4.1.3.1(7).

5.1.25.6 (10-16-2023)

Security Audit and Analysis System (SAAS)

Audit trails for modernized applications are stored in the SAAS.
In compliance with each application's audit plan, business units are responsible for reviewing SAAS audit trails and certifying accesses to taxpayer data.
The IDRS Data Security Group currently monitors the audit trail extracts for access to TDS and MeF-RRD. Security reviews in SAAS may be expanded at any time to include additional applications.
For each application there is a General Access and Access to Employee report. The General Access report is subject to a sample review and certification. The business unit determines the sample percentage, which is subject to change. The Access to Employee report is subject to 100% review and certification.
The DSA generally certifies the sample reports within 14 calendar days of receipt. CASS management approves longer certification due dates, as appropriate.
The DSA follows the established certification procedures by attempting to confirm case/related case assignment in SB/SE Collection Operations and Operations Support inventory applications. If case assignment is not independently confirmed, the DSA contacts the manager to justify the access.
If the DSA is unable to certify an access through independent research or managerial response, the DSA submits a referral to TIGTA for follow-up in accordance with IRM 10.8.34.2.2.8(9)h.
Unlike IORS, SAAS does not have the capability to capture review comments. The review notes documented by the DSA are maintained by the SB/SE Collection IDRS Data Security Manager for 90 days. Certification results are submitted to IT Cybersecurity as directed.

5.1.25.7 (10-16-2023)

Form 11377 / 11377-E, Taxpayer Data Access

The purpose of Form 11377 or Form 11377-E, Taxpayer Data Access, is to provide employees with a method to document accesses to taxpayer return information, when the accesses:
1. are not supported by direct case assignments.
2. are performed in error.
3. may raise suspicion.
Use of Form 11377 or Form 11377-E is voluntary.
If the employee completes the Form 11377 or Form 11377-E, the manager forwards the IRS copy to the designated Head of Office Designee (HOD) by close of business or as soon as possible. In SB/SE Collection Operations and Operations Support, the HOD is the assigned area DSA.

Note:

If the SAA employee completes Form 11377 or Form 11377-E the primary manager orsharing manager may sign the form and forward to designated Head of Office Designee(HOD) by close of business or as soon as possible.
Copies of Form 11377 or Forms 11377-E containing taxpayer data are not retained by the employee, the manager, or in any location other than with the IDRS Data Security Staff.
The DSA uploads the Form 11377 or Form 11377-E, along with any attachments to the IRM 5.1.25.1.7 (2) within five business days of receipt. Files are retained for six years from the date they are uploaded. The naming convention is SEID-MMDDYYYY-NN.
- SEID is the accessing employee.
- MMDDYYYY is the date of the access, even if the form is completed later. For example, January 1, 2020 is 01012020.
- NN is the number of forms submitted on the same day for the same accessing employee; i.e. use 01 if it is the first submission and, 02 if it is the second submission, etc.
The DSA responds promptly to requests from Labor Relations or TIGTA and provide copies of any Form 11377 or Form 11377-E needed for an ongoing UNAX investigation.

Exhibit 5.1.25-1

Acronyms

The following is a list of acronyms used throughout this IRM.

Acronym	Definition
AIS	Automated Insolvency System
AMS	Accounts Management Services
AOIC	Automated Offers In Compromise
BEARS	Business Entitlement Access Request System
CASS	Collection Automation Support & Security
CFOL	Corporate Files On-Line
DSA	Data Security Analyst
DUL	Designated User Listing
ECC-MEM	Enterprise Computing Center - Memphis
ECC-MTB	Enterprise Computing Center - Martinsburg
HOD	Head of Office Designee
IAT	Integrated Automation Technologies
ICS	Integrated Collection System
IDRS	Integrated Data Retrieval System
IORS	IDRS Online Reports Services
IT	Information Technology
IUUD	IDRS Unit and USR Database
Mef-RRD	Modernized e-File Return Request and Display
MPAF	Maximum Profile Authorization File
PAR	Personnel Action Request
SAA	Shared Administrative Associate
SAAS	Security Audit and Analysis System
SSN	Social Security Number
TIGTA	Treasury Inspector General for Tax Administration
TDS	Transcript Delivery System
TIN	Taxpayer Identification Number
TSA	Terminal Security Administrator
TSID	Terminal Security Identification
UCCP	Unit Command Code Profile
UNAX	Unauthorized Access
USR	Unit Security Representative

Exhibit 5.1.25-2

Common Command Codes - SB/SE Collection Operations and Operations Support

Note:

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡
≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡
≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡ ≡	≡ ≡ ≡ ≡ ≡

More Internal Revenue Manual

Part 5. Collecting Process

Chapter 1. Field Collecting Procedures

Section 25. IDRS and Data Security for Collection

5.1.25 IDRS and Data Security for Collection

Manual Transmittal

Purpose

Material Changes

Effect on Other Documents

Audience

Effective Date

Program Scope and Objectives

Background

Authority

Roles and Responsibilities

Program Management and Review

Program Controls

Terms and Acronyms

Related Resources

IDRS Security Personnel

Managers of IDRS Users

Note:

Data Security Analyst (DSA)

Alternate Data Security Analyst (DSA)

Terminal Security Administrator (TSA)

IDRS User Support

Note:

Exception:

Note:

Note:

Note:

Note:

Note:

IDRS Unit Profiles

IDRS Command Codes

Requests for Common Command Codes

Requests for Uncommon Command Codes

Note:

IDRS Online Reports Services (IORS)

Types of IORS Reports

Weekly Security Reports - Review and Action (No Certification Required)

Monthly Security Reports - Review and Action (No Certification Required)

Note:

Note:

Security Reports Requiring Certification

Weekly Security Violations Report

Note:

Note:

Note:

Example:

Weekly Sensitive Access (Other/Spouse)

Note:

Note:

Note:

Note:

Example:

Exception:

Example:

Note:

Note:

Note:

Monthly IDRS Security Profile Report

Locked Profiles

Automated Command Code Access Control / Restrictions

Note:

Exception:

Note:

Sensitive Command Code Combinations

Security Command Code Usage

Exception:

Master Register of Active IDRS Users

Command Code Activity

Exception:

IORS Documentation

Security Audit and Analysis System (SAAS)

Form 11377 / 11377-E, Taxpayer Data Access

Note:

Acronyms

Common Command Codes - SB/SE Collection Operations and Operations Support

Note: