For Accounting & Tax Firms
Is Your Firm's Written Security Plan Holding Up?
The IRS requires every tax professional to have a written security plan to keep a PTIN, and the FTC Safeguards Rule backs it with teeth. Enter your domain or email for an instant audit.
What the IRS and FTC Expect From Your Firm
If you prepare returns, you handle taxpayer data — and both the IRS (Publication 4557) and the FTC Safeguards Rule require a documented plan to protect it. Tax season is also peak phishing season.
1. Written Security Plan
A documented WISP is mandatory to maintain your PTIN. Most firms either don't have one or haven't updated it in years.
2. Secure Email & Access
Email authentication, encryption, and MFA on anything touching client returns — the first things our audit scores.
3. Train Against Phishing
Spear-phishing of tax pros spikes every filing season. Recurring awareness training is both a control and a requirement.
The Golden Rule: Document everything and review your plan annually.
Close the gaps before filing season
We set up secure email, lock down client data, and write the IRS-ready security plan your firm needs on file.
See Services & Pricing