100% Free  ·  No email required

Free Tax Security Resources

Tools and guides to help small tax offices understand what IRS data security compliance looks like — and what it takes to get there.

⚠️
IRS Publication 4557 compliance is required now — not eventually.

The FTC Safeguards Rule has been in effect since June 2023. Every tax preparer — solo or firm — is legally required to have a Written Information Security Plan (WISP) and documented safeguards in place. Failure to comply can result in EFIN suspension, FTC investigation, and personal liability in the event of a breach. Learn more at IRS.gov →

Compliance documents — we build them for you
IRS Pub 4557

Pub 4557 Compliance Record

A completed, signed data security record the IRS expects every tax preparer to maintain on file — specific to your firm.
What the document covers
1
Firm identification — name, EIN, EFIN
2
Designated responsible individual
3
Physical security safeguards checklist
4
Technical controls — the IRS Security Six
5
Personnel safeguards & training record
6
WISP status & incident response contacts
7
Signed certification & compliance attestation

Antivirus software installed and auto-updating on all workstations. Firewall active and verified on all devices. MFA enabled on IRS e-Services, tax software, and email. BitLocker encryption confirmed on all laptops. Weekly encrypted backups stored off-site and tested for restoration. EFIN monitored weekly via IRS e-Services.

Completed for your firm when you work with us
We complete the entire document for your firm. One call, we handle the rest — properly formatted, signed, and ready if the IRS ever asks.
Call for a free assessment Send us a message instead
FTC Safeguards Rule · GLBA

Written Information Security Plan

Federally required for every tax preparer since June 2023. A generic template won't protect you — it needs to reflect your actual office.
All 9 required sections
1
Firm identification & business type
2
Information security coordinator
3
Program scope & data inventory
4
Risk assessment — 12-threat matrix
5
30+ admin, technical & physical safeguards
6
Employee training program record
7
Breach detection & incident response plan
8
Third-party vendor oversight inventory
9
Authorized certification & signature

Phishing / email fraud — Likelihood: High / Impact: High / Priority: Critical. Ransomware / malware infection — Likelihood: High / Impact: High / Priority: Critical. Unauthorized employee access — Likelihood: Medium / Impact: High / Priority: High. Lost or stolen device — Likelihood: Medium / Impact: High / Priority: High.

Completed for your firm when you work with us
A generic WISP is worse than no WISP — it gives you false confidence. We interview you, assess your actual setup, and produce a plan that holds up.
Call for a free assessment Send us a message instead
Free download

IRS Security Six Quick Reference

One-page visual guide covering all six minimum controls the IRS requires every tax preparer to have in place. Print it and post it in your office.

Download PDF — Free
Free download

Phishing Awareness Checklist

Train your staff in minutes. Covers red flags, what to do before clicking, how to report to the IRS, and immediate steps if someone already clicked.

Download PDF — Free

We do the compliance work — you focus on clients

Full IRS 4557 compliance package, WISP creation, staff training, and ongoing IT security management — tailored to your office, flat fee, no surprises.

Get a free consultation