Lambers

Download Free IRS WISP Template

  • Paid tax preparers must have a WISP per IRS requirements.
  • To renew your PTIN, firms need to have a data security plan in place
  • Non-compliance could result in serious penalties

Free Download
Complete the form below to download your free WISP template.

"*" indicates required fields

Let us help you stay compliant

When tax preparers renew their PTIN on the W-12 , they will notice it now states “Data Security Responsibilities: “As a paid tax return preparer, I am aware of my legal obligation to have a data security plan and to provide data and system security protections for all taxpayer information. Check the box to confirm you are aware of this responsibility.”

The IRS requires a written information security plan for accountants to protect clients’ data. Having a written information security plan is required because once implemented properly it helps you take the right steps to practice good security.

Our free information security plan template covers topics that range from:

Antivirus protection

Two-factor authentication

Password

Cybersecurity

Employee training

Steps to take in case of a data breach

Written Information Security Plan (WISP)

Frequently Asked Questions

A Written Information Security Plan is the formal document in which an accounting firm describes the technical, physical, and administrative safeguards which ensure information privacy.

A WISP requires an accounting firm to be well prepared for any cyber threat which is posed to the sensitive data held in a firm’s possession – physically or electronically. The goal of the IRS requiring this document is to keep individual firms accountable for the security of breaches in customer data. Those who choose to neglect these stringent guidelines may incur a heavy fine from the federal government.

Certified Public Accounting firms are some of the most vulnerable to security breaches since they contain a customers’ sensitive data. The financial data of different businesses and their owners can offer a huge payday for those intent to exploit your system. Recognizing this ever-growing problem, the different levels of government put these legal responsibilities on these firms to encourage compliance.

The fifth Title of the Financial Services Modernization Act of 1999, also known as the Gramm Leach Bliley Act, states that all financial institutions working under the Federal Trade Commission are required to take necessary steps to ensure the protection of customers’ sensitive data as stated in the Safeguard Rule. The Federal Trade Commission has implemented this rule through different regulatory sectors. Violation of this rule results in a heavy penalty, the details of which are:

  • The firm violating the law would have to pay a fine of $100,000 each time it violates it
  • The individual members of the firm are personally accountable to pay a fine of $10,000 for each violation.
  • Title 18 of the United States Code also declares violating individuals may face imprisonment for five years for each violation.
  • Also both the fine and imprisonment can be imposed on the violating party.
  • Depending on the severity of the violations the prosecuting institutions can seek a higher fine or jail term. The scope and number of customers who are impacted dictate the severity of punishment
  • From W12: Under penalties of perjury, I declare that I have examined this application and to the best of my knowledge and belief, it is true, correct, and complete. I understand any false or misleading information may result in criminal penalties and/or the denial or termination of a PTIN.

Let Rightworks help!

You can purchase a WISP today for $999 or speak to a security expert to learn more.