The Internal Revenue Service is working on a comprehensive IT security plan to protect those who file their returns electronically, but that plan is not place today as millions of Americans scramble to meet the April 15 deadline for 2008 tax year.

David Williams, director of electronic tax administration for the IRS, said the agency agrees with a recent Government Accountability Office report that concluded that the IRS lacks a clear system to monitor electronic tax filings prepared by software programs such as TurboTax, TaxCut or TaxAct.

"We are working on it, and we will have a complete comprehensive picture for the next filing season," said Williams.

The GAO reported in February that the IRS provides some oversight of the tax software industry, but does not fully monitor compliance with established security and privacy standards. The GAO added that the IRS does not know whether the confidentiality and integrity of the taxpayers' data are being adequately protected against fraud and identity theft.

The IRS said it has rules in place, but its IT and cybersecurity staff have a lot more work to do. An estimated 39 million taxpayers used software programs to prepare their forms in 2007, hardly a trivial number.

For more on the IRS and security:
- see this Washington Post article