Creating a Data Security Plan: Tips for Tax Professionals
December 9, 2024
Tax professionals are required by law to create a Written Information Security Plan – or WISP – to protect their clients’ data. The IRS and the Security Summit partners have created an easy-to-follow Written Information Security Plan that outlines the basics and walks tax professionals through how to get started on a plan and understand security compliance requirements and professional responsibilities.
Creating a WISP
A WISP protects client information most effectively when tailored to the size, scope, complexity and sensitivity of the customer data it handles. A WISP should focus on:
- Employee training and management.
- Information systems.
- System failure detection and management.
WISP Requirements
Tax professionals are required by law to have a WISP in place to protect customer data. As a part of their security plan, each tax professional needs to:
- Designate one or more employees to coordinate its information security program.
- Identify and assess risks to customer information in each relevant area of the company's operation.
- Evaluate the effectiveness of the current safeguards for controlling those risks.
- Design and implement a safeguards program and regularly monitor and test it.
- Contract a service provider that maintains safeguards and handling of customer information.
Tax professionals should always be evaluating and adjusting their WISP based on relevant circumstances, changes in the firm's business or operations or the results of security testing and monitoring. For more on security awareness and WISPs, check out National Tax Security Awareness Week 2024.
The information in this guide has been gathered from many sources, including the Internal Revenue Service, the Social Security Administration, state agencies, professional organizations and members of the NJCPA. The majority of state agencies offer online and prerecorded services. It’s best to check online or call before you visit.
Material contained within this guide should be augmented by, and used in accordance with, a certified public accountant's professional judgment. Your CPA can properly apply the tax laws and regulations to the facts and circumstances of your particular situation. For help with locating a CPA, visit findacpa.org.
The New Jersey Society of Certified Public Accountants is not responsible for any claims arising as a result of this information or its usage.
This guide was updated in August 2024. Future users of this material are cautioned that some portions, particularly tax-related information, may become outdated.