The Security and Information Technology Services unit assesses the IRS’s information technology (IT) programs by implementing audit strategies that evaluate: (1) Cybersecurity, including reviews of the Federal Information Security Management Act of 2002 (FISMA), 1 audit trails, privacy, security monitoring and reporting, and incident management; (2) Systems Modernization and Application Development, including reviews of the Modernization Program, computer applications supporting the Patient Protection and Affordable Care Act (Affordable Care Act), and other high priority projects and applications; and (3) IT Operations, including reviews of computing center operations, asset management, and IT procurement. .