A newly updated written information security plan (WISP) template from the IRS aims to help tax professionals against continuing threats from identity thieves and data breaches.
The new WISP template is an easy-to-understand guide developed by and for paid tax preparers and CPAs, particularly those who work in smaller practices, to keep client and business information safe and secure.
The IRS said the new version highlights best practices for implementing multifactor authentication for any individual accessing any information system, unless their qualified individual has approved in writing the use of reasonably equivalent or more secure access controls.
Additionally, tax professionals must now report a security event affecting 500 or more people to the FTC as soon as possible, but no later than 30 days from the date of discovery. Read more.