This course provides a comprehensive overview of Written Information Security Plans (WISP), focusing on their purpose, requirements, and implementation. All PTIN holders must certify they have a WISP prior to renewal, along with certifying the training of employees, staff and contractors as necessary. Participants will explore the history and legal foundation of WISP under the Gramm-Leach-Bliley Act, and how compliance is enforced through IRS Circular 230, AICPA Statements of Standards, the American Bar Association and the Federal Trade Commission (FTC). This event may be a rebroadcast of a live event and the instructor will be available to answer your questions during the event.
Learning Objectives
After attending this presentation, you will be able to...
- Recall the Gramm-Leach-Bliley Act and its requirements for data security.
- Analyze compliance requirements under Circular 230 related to WISP and data security.
- Identify AICPA Statements of Standards applicable to WISP.
- Recall the essential components of a WISP and how to draft one.
- Recognize the role of employee and contractor training in maintaining data security compliance.
- Assess how FTC regulations impact WISP implementation and enforcement.
- Evaluate due diligence practices for ensuring WISP compliance.
- Develop strategies for monitoring and updating a WISP to meet evolving standards.
Major Topics
The major topics that will be covered in this course include:
- Introduction to the Gramm-Leach-Bliley Act and its impact on data security.
- Circular 230 compliance and due diligence for practitioners.
- AICPA Statements of Standards relevant to WISP requirements.
- Key components of a Written Information Security Plan.
- Training requirements for employees, staff, and contractors.
- Practical guidance for drafting and implementing a WISP.
- FTC enforcement of data security standards for PTIN holders.
- Best practices for maintaining and updating WISP compliance.