IRS – Written Information Security Plan (WISP)

A WISP is a ​Written Information Security Plan that is required for certain businesses, such as tax professionals. The IRS explains:

"The Gramm-Leach-Bliley Act (GLBA) is a U.S. law that requires financial institutions to protect customer data. In its implementation of the GLBA, the Federal Trade Commission (FTC) issued the Safeguards Rule to outline measures that are required to be in place to keep customer data safe. One requirement of the Safeguards Rule is implementing a WISP."

More detailed information, including a sample WISP is available from IRS. Also see Publication 4557, Publication 5708, and Publication 1345.