IRS reminds tax pros of Written Information Security Plan requirement

August 2, 2025

The IRS is reminding tax professionals about the federal mandate to have a Written Information Security Plan (WISP) designed to help protect them against threats from identity thieves and data breaches.

The Gramm-Leach-Bliley Act, signed into law in 1999, requires all financial institutions to protect customer data. Under the law, tax and accounting professionals are considered financial institutions and must implement a data security plan.

The IRS emphasized that a good WISP focuses on three areas:

  • Employee management and training
  • Information systems
  • Detecting and managing system failures.

The IRS offers tools and resources to help tax professionals, especially smaller practices, develop a WISP. 

← View All News