A starting-point Written Information Security Plan based on FTC Safeguards Rule and IRS Publication 4557 requirements. Download it free — no email required.
⬇ Download Free TemplateThe template covers every section the FTC and IRS require. You fill in the details specific to your practice.
Pre-written language referencing the FTC Safeguards Rule, IRS Publication 4557, and GLBA. Customize with your firm name.
Fill-in fields for your Qualified Individual and Public Information Officer — with role descriptions included.
Tables for documenting the types of data you handle and the risks you've identified — with common risks pre-listed.
A blank table to document every device that stores or processes client financial information.
Checklists for access controls, MFA, encryption, network security, and physical security — with blank fields for your specific tools.
A table to document all third-party vendors with access to client data and whether written agreements are in place.
Training topic checklist and a dated training log with signature fields for each employee.
Step-by-step breach response with a notification table including IRS Stakeholder Liaison and cyber insurance fields.
A review log and signature block to document that the plan was adopted and reviewed annually.
This template is a genuine starting point — it covers every required section and gives you the structure the FTC and IRS expect to see.
But here's what most tax preparers discover after downloading it:
A WISP filled with generic placeholder language may not satisfy the FTC Safeguards Rule requirement that your plan reflect your specific business operations. That's not us trying to sell you something — that's what the rule actually says.
You complete a short questionnaire about your practice. We use your answers to prepare a personalized WISP document — your software, your staff, your systems.
Delivered in 48 hours. No calls required.