WISP Toolkit for Tax Professionals — 9 editable FTC Safeguards Rule + IRS Pub 4557 (WISP) document templates in Word and Excel
FTC Safeguards Rule + IRS Pub 4557 (WISP)Tax preparers, CPAs & accounting firms

WISP Toolkit for Tax Professionals

Complete Written Information Security Plan package for tax preparers, CPAs and accounting firms — FTC Safeguards Rule (16 CFR 314) crosswalk, IRS Pub 4557-aligned policies, risk assessment workbook, training logs and incident response — everything Pub 5708 doesn't operationalize.

New to FTC Safeguards Rule + IRS Pub 4557 (WISP)? Read our FTC Safeguards Rule + IRS Pub 4557 (WISP) guide →

What's inside — 9 documents + 2 workbooks

  1. Written Information Security Plan (WISP) (.docx)
  2. Office Data Security Policy (.docx)
  3. Data Incident Response Plan (.docx)
  4. Security Awareness Training Program (.docx)
  5. Service Provider Oversight Policy (.docx)
  6. Remote Work and Seasonal Staff Security Policy (.docx)
  7. Client Records Retention and Disposal Policy (.docx)
  8. WISP Annual Review and Update Procedure (.docx)
  9. PTIN Renewal and W-12 Data Security Checklist (.docx)

Excel workbooks

  • Risk Register (Excel)
  • Audit Evidence Checklist (Excel)
What's inside the WISP Toolkit for Tax Professionals — 9 compliance document templates
A look at what's inside the toolkit.

See the real content before you buy

We publish genuine excerpts — not marketing mockups. Read the opening sections of the Written Information Security Plan (WISP) exactly as you'll receive it:

Read the free preview

Frequently asked questions

Does this WISP satisfy the IRS and FTC requirement for tax preparers?
It provides the Written Information Security Plan required of preparers under the FTC Safeguards Rule (16 CFR Part 314) and referenced by IRS Publications 4557 and 5708 and Form W-12. You designate your Qualified Individual and complete the risk assessment; the plan and companion documents are built for exactly that.
Is a WISP really required for a small tax practice?
Yes. The FTC Safeguards Rule applies to tax and accounting firms of every size, and PTIN renewal asks you to confirm you maintain a written security plan. This package operationalizes that obligation rather than leaving you a blank checklist.
What’s included beyond the plan itself?
A risk-assessment workbook, security-awareness training program, incident response plan, service-provider oversight policy, records retention and disposal policy, and an annual review procedure — the full Safeguards Rule document set.
What format are the files and how are they delivered?
Editable Microsoft Word (.docx) and Excel (.xlsx) files, delivered as an instant download immediately after checkout. Organization-specific values are amber [bracketed placeholders] you replace with find-and-replace.
What licence do I get?
A single-organization licence. If you are a consultant or MSP intending to reuse the documents across multiple clients, contact us first for a fair multi-client arrangement.
$59

Secure Stripe checkout · instant download · no account required

By completing your purchase you agree to our Terms & License and Privacy Policy.

Professional editable templates — general information only, not legal, audit, tax, or certification advice, and no professional or advisory relationship is created. No purchase makes an organization compliant or certified. Review each document with qualified counsel, your compliance professional, or your auditor before relying on it. ISO, IEC, SOC 2, AICPA, HIPAA, NIST, GDPR, the EU AI Act, IRS and FTC are referenced descriptively only; ComplianceDocs (ExpertEngine LLC) is independent and is not affiliated with, endorsed by, or certified by any standards body, regulator, or audit firm.