Written Information Security Plans

Create new WISP


WISP Sign-in

WISP


2026 Written Information Security Plan (WISP) – IRS & FTC Compliant for Tax Professionals

Ready for Tax Season? Visit 2026 IRS WISP

Don't File Taxes in 2026 Without a 2026-Compliant WISP.

Our mission is to empower tax professionals with affordable, IRS-compliant Written Information Security Plans that protect taxpayer information, ensure legal compliance, and foster client trust — all while making the process simple, fast, and accessible for every practice.

We position our 2026 IRS WISP as the most cost-effective, professionally designed compliance solution for tax preparers, CPAs, and bookkeepers nationwide. At just $29 per year, our auto-fillable WISP delivers premium security documentation without premium pricing — bridging the gap between regulatory compliance and operational simplicity.

Why a 2026 IRS WISP is Non-Negotiable

As we move into the 2026 tax season, the IRS and FTC have reinforced their mandates for protecting taxpayer data. If you are a CPA, Enrolled Agent, tax preparer, bookkeeper, or any paid preparer with a Preparer Tax Identification Number (PTIN), you are required by law to maintain a Written Information Security Plan (WISP). This is not optional — it’s a legal and compliance requirement that carries potential penalties for failure to comply.

The IRS W-12 Form, specifically Line 11, is your formal acknowledgment that you understand your data security obligations. Yet, many tax professionals delay creating or updating their WISP until it’s too late, risking both client trust and compliance status. For 2025, the IRS has heightened its focus on ensuring WISP accuracy, currency, and completeness. This is the year to get it right.

Our professionally designed, auto-fillable 2026 IRS WISP provides a complete 13-page plan with an additional 37 pages of attachments, templates, contracts, checklists, and forms. At just $29 annually, it’s an affordable, robust, and fully compliant solution to secure taxpayer data. From encryption policies to incident response procedures, every section is tailored to meet IRS and FTC guidelines.

Don’t wait until tax season is in full swing. A compliant WISP ensures your firm is audit-ready, secures sensitive data from breaches, and demonstrates to clients that you take their privacy seriously. This is your safeguard against financial penalties, data loss, and reputational harm — all at a cost less than a dinner out.

The IRS Written Information Security Plans are considered a “Living Document,” meaning they are continuously evolving to reflect the latest insights and best practices. This approach ensures the content remains evergreen and doesn’t become outdated, as it is consistently refreshed to meet new regulatory requirements, thereby guaranteeing readers the most current and relevant details. By always maintaining an up-to-date resource, these WISPs instill trust and confidence in their accuracy, compliance, and ability to safeguard sensitive data.

Using phrases like “continually updated,” “evergreen,” “latest insights,” and “best practices” not only highlights their dynamic nature but also will help assist with your Tax Clients data secure and the content is regularly enhanced. As a result, Tax Preparers recognize these plans as actively maintained, supporting higher search visibility and ongoing compliance. Ultimately, embracing a Living Document strategy ensures that IRS Written Information Security Plans stay aligned with evolving standards and help protect organizations from potential security threats.

Keep Your IRS Written Information Security Plans (WISPs) Continuously Updated with All Rules and Regulations

FREE Real-Time Payments Bank Reconciliation
"FREE" Aging Receivables & Real-Time Payments Bank Reconciliation – with all 2026 WISP clients process with us. Real-Time Payments Bank Reconciliation

To support merchants and finance teams of all sizes, TodayPayments.com offers free downloadable templates, including:

  • Aging Accounts Receivable Worksheet: Pre-built with 15, 30, 60, 90+ day tracking
  • Bank Reconciliation Templates: Instantly match payments with deposits across batches
  • ISO 20022 File Format Samples: Plug-and-play structures for batch uploads and Request for Payment message testing

Empowering Accounting Professionals

Ask us How:

  1. Tax preparers seeking a 2026 auto-fillable IRS Written Information Security Plan can access a professionally designed, fully compliant WISP for only $29 per year.
  2. Ensure IRS W-12 Line 11 compliance by implementing a robust data protection plan that meets both IRS and FTC standards.

    3. Line 11 on the IRS W-12 Form requires you to check a box confirming that you understand and comply with these legal requirements. That means a WISP isn’t optional—it’s mandatory for CPAs, Enrolled Agents, Bookkeepers, and all tax professionals engaged in preparing returns for compensation. Without a current, documented IRS WISP in place, you risk rejection, delays, audits, and possible FTC penalties.

    Line 11: Data Security Responsibilities

    This line is one of the most critical sections of IRS Form W-12. By signing this section, you certify that you understand and will comply with the IRS’s requirements for safeguarding taxpayer data.

    What You Are Certifying:

    1. Secure Systems: You will use secure systems for handling taxpayer data, including encryption, firewalls, and password protection.
    2. Employee Training: You will ensure that all employees with access to taxpayer information are trained on data security best practices.
    3. Written Information Security Plan (WISP): You must maintain a WISP that outlines how your business will protect sensitive information, comply with IRS Publication 4557, and respond to data breaches.
    4. Compliance with Laws: You will adhere to federal and state laws governing data security, including the FTC Safeguards Rule.
    5. Incident Response: You agree to notify the IRS and affected taxpayers promptly if a data breach occurs.

    Failing to comply with Line 11 requirements can result in penalties, suspension of your PTIN, or legal consequences. It’s crucial to understand these responsibilities and take appropriate measures to secure taxpayer data.

  3. Our 2026 WISP for CPAs, Enrolled Agents, and Bookkeepers includes templates, contracts, and security policies tailored for your tax office.
  4. The 2026 IRS-compliant Written Information Security Plan comes with 13 pages of core documentation plus 37 pages of supporting attachments.
  5. Protect your clients’ taxpayer data with a WISP designed for IRS and FTC compliance, covering encryption, access controls, and incident response.
  6. Avoid penalties by using our affordable $29 annual WISP that ensures you meet all IRS data security requirements before filing 2026 returns.

Top 10 Benefits / Features-Rich Reasons to Choose Our Premier 2026 IRS WISP

  1. IRS & FTC Compliant – Meets all current legal requirements.
  2. Auto-Fillable PDF – Saves time with pre-built sections.
  3. Full Documentation Set – 13-page plan + 37-page attachments.
  4. Affordable – Just $29 per year.
  5. Audit-Ready – Prepared for IRS review at any time.
  6. Customizable – Tailored to your specific practice.
  7. Covers All Key Security Areas – From encryption to breach response.
  8. Easy to Update Annually – Stay compliant year after year.
  9. Professional Design – Clean, organized, and IRS-friendly.
  10. Peace of Mind – Confidence that you’re protecting taxpayer data.

Itemized Parameters & Attributes for Businesses Creating a 2026 IRS WISP

  • Scope: All taxpayer data storage, handling, and transmission.
  • Access Control: Role-based permissions for staff.
  • Data Encryption: Standards for at-rest and in-transit data.
  • Incident Response: Steps for breach detection and mitigation.
  • Physical Security: Office, hardware, and network safeguards.
  • Employee Training: Annual security awareness requirements.
  • Third-Party Vendors: Contracts and due diligence measures.
  • Backup & Recovery: Secure data redundancy protocols.
  • Audit Trail: Logging of data access and changes.
  • Annual Review: Required WISP update and re-certification.

We keep your IRS Written Information Security Plans (WISPs) consistently aligned with evolving regulations. Our approach treats your WISP as a “Living Document,” meaning it is:

  • Continuously Evolving: Regularly updated to reflect the latest requirements, best practices, and annual changes.
  • Evergreen: Always reviewed and revised, ensuring compliance for both sole practitioners and large national tax preparer firms.
  • Always Current: You can trust you’re following the most recent guidelines for safeguarding taxpayer data.

“This Living Document is continually updated to incorporate the latest insights, annual modifications, and best practices, ensuring it remains an evergreen resource.”

Below is an overview of the key continuous update requirements for Authorized IRS e-file Providers:

1. Extended Validation SSL Certificate

Ensure your website uses a valid Extended Validation (EV) SSL certificate with TLS 1.2 or later and 2048-bit RSA/128-bit AES encryption. This encrypts taxpayer data and secures online transactions.

2. Weekly External Vulnerability Scans

Contract a PCI SSC-certified vendor for weekly scans of all system components (networks, servers, applications). Promptly address any vulnerabilities and maintain scan reports for at least a year. Remember:

  • Hosting vendors must also meet PCI DSS standards.
  • Scanning vendors and hosts must be U.S.-based.

3. Information Privacy and Safeguard Policies

Establish a written privacy and safeguard policy, including the statement:

“We maintain physical, electronic, and procedural safeguards that comply with applicable law and federal standards.”

Validation by an IRS-approved privacy seal vendor is required to ensure compliance.

4. Protection Against Fraudulent Bulk Filings

Implement technologies to prevent the bulk filing of fraudulent returns. Collect, process, or store taxpayer data only through secure, compliant systems.

5. Public Domain Name Registration

Register your domain name via a U.S.-based, ICANN-accredited registrar. Keep domains locked and avoid private registrations to maintain transparency and accountability.

6. Reporting of Security Incidents

Report security incidents (breaches or unauthorized data access) to the IRS immediately—no later than the next business day. Suspend collecting taxpayer data from affected websites until the incident is resolved, following the Data Theft Information for Tax Professionals guidelines.

Continuously Updating Your WISP with Authoritative Sources

We integrate guidance from the following IRS and FTC publications to ensure your WISP remains current:

  • IRS Publication 1345 – Authorized IRS e-file Providers of Individual Income Tax Returns
  • IRS Publication 4557 – Safeguarding Taxpayer Data
  • IRS Publication 5078 – Assurance Testing System (ATS) Guidelines for Modernized e-File (MeF)
  • IRS Publication 5293 – Protect Your Clients; Protect Yourself
  • IRS Publication 5417 – Basic Security Plan Considerations for Tax Professionals
  • IRS Publication 5709 – WISP Summary
  • IRS Publication 5708 – WISP Sample Plan
  • FTC Data Breach Response Guide (PDF)
  • FTC on Privacy
  • FTC GLBA (Gramm-Leach-Bliley Act)

Since you used our WISP services last year, we encourage you to continue with us to maintain an evergreen, continuously evolving, and always current plan. Protecting taxpayer data and staying compliant has never been easier—contact your Company today to keep your WISP aligned with the latest IRS and FTC standards.

Conclusion: Don’t risk your license, your clients, or your reputation. For just $29, you can secure a fully compliant, IRS-ready 2026 Written Information Security Plan that covers every requirement in minutes. With our auto-fillable design, professional templates, and easy annual updates, compliance has never been simpler. Act now — your 2026 IRS WISP is the shield your business needs before filing 2026 returns.


Customize your WISP Template with 50 Agreements, Checklists & Documents Fillable only $29 - Login now!

Contact Us for Written Information Security Plans payment processing

Navigation

Services

Our office

Today Payments Merchant Services
2305 Historic Decatur Road, Suite 100
San Diego, CA 92106
Copyright © Today Payments, Inc. All Rights Reserved.
Written Information Security Plans is a website owned by Today Payments, Inc.
Today Payments, Inc., is an Elavon Payments Partner & Registered Partner/ISO of Elavon, Inc. Georgia, [a wholly owned subsidiary of U.S. Bancorp, Minneapolis, MN]