Written Information Security Plans

Overview

Thsi course provides a comprehensive overview of Written Information Security Plans (WISP), focusing on their purpose, requirements, and implentation. All PTIN holders must certify they have a WISP prior to renewal, along with certifying the training of employees, staff and contractors as necessary. Participants will explore the history and legal foundation of WISP under the Gramm-Leach-Bliley Act, and how compliances is enforsed through IRS Circular 230, AICPA Statments of Standards, The American Bar Associations and the Federal Trade Commission (FTC).

This event may be a rebroadcast of a live event and the instructor will be available to answer your questions during the event.

Prerequisites

None

Objectives

After attending this presentation, you will be able to...

• Recall the Gramm-Leach-Bliley Act and its requirements for data security.
• Analyze compliance requirements under Circular 230 related to WISP and data security.
• Identify AICPA Statements of Standards applicable to WISP.
• Recall the essential components of a WISP and how to draft one.
• Recognize the role of employee and contractor training in maintaining data security compliance.
• Assess how FTC regulations impact WISP implementation and enforcement.
• Evaluate due diligence practices for ensuring WISP compliance.
• Develop strategies for monitoring and updating a WISP to meet evolving standards.

Highlights

The major topics that will be covered in this course include:

• Introduction to the Gramm-Leach-Bliley Act and its impact on data security.
• Circular 230 compliance and due diligence for practitioners.
• AICPA Statements of Standards relevant to WISP requirements.
• Key components of a Written Information Security Plan.
• Training requirements for employees, staff, and contractors.
• Practical guidance for drafting and implementing a WISP.
• FTC enforcement of data security standards for PTIN holders.
• Best practices for maintaining and updating WISP compliance.