Skip to main content

Arizona Department of Revenue—Department Should Improve Its Information Technology Security, Continue Developing Its Information Security Program, and Enhance the Physical Security of Taxpayer Information


To perform its business functions, the Arizona Department of Revenue (Department) handles large volumes of both paper and electronic sensitive taxpayer information. The volume and nature of this sensitive information make the Department a potential target for attack by malicious individuals or organizations looking to access and/or steal this information. The Department has taken steps to protect taxpayer information; however, auditors identified vulnerabilities that leave taxpayer information at risk. In order to address these vulnerabilities, the Department should improve its information technology (IT) security, continue to develop its information security program, and enhance the physical security of taxpayer information.

Follow-Up Report

Additional Documents

Additional Documents