WISP Basics
WISP Basics
Everything you need to know about Written Information Security Plans
What is a WISP?
A Written Information Security Plan (WISP) is a document that describes how your firm protects sensitive client information. It outlines your security policies, procedures, and safeguards.
Why are tax firms targeted?
Tax firms hold valuable personal information: Social Security numbers, financial data, and identity details. This makes them prime targets for identity theft and fraud.
What do auditors expect?
Auditors want to see documented policies, evidence of implementation, training records, acknowledgments, and ongoing compliance activities—not just a PDF.
What do clients expect?
Clients expect their sensitive information to be protected. A comprehensive WISP demonstrates your commitment to their security and can be a competitive advantage.