Share this content
person with multiple devices on their desk

IRS Written Security Plan Requirements


Given the routine nature of tax season for many of us, it’s easy to be complacent which can lead to things being overlooked—such as the IRS requirement to have a Written Security Plan. Once you renew your PTIN, you are required by the IRS to have that plan in place.

Feb 11th 2021
Share this content

PTIN holders still have a little time for your firm to meet the IRS Written Security Plan requirements this tax season. Personally, I didn’t have a specific written plan that met the criteria that the IRS is looking for. I had many of the fundamentals covered in my own Business Continuity Plan, but the IRS is looking for a current Information Security Plan based on a Risk Assessment as per the GLBA Safeguards Rule.

This Rule states that your firm is required to conduct a thorough and accurate Risk Assessment, providing the basis for a detailed Information Security Program (ISP). The ISP needs to be clearly documented in writing in order to comply.

Failure to do so can result in some hefty penalties including:

  • imprisonment for up to five years
  • steep fines (up to $100,000 for each violation; with officers and directors potentially being fined up to $10,000 for each violation)
  • or both. This is nothing to mess around with!

The good news, as I discovered, is that establishing a plan to cover your bases on the requirements is relatively easy, especially if you utilize a third-party service that will handle the details for you. After doing some research, I found Securex, a company that specializes in providing accounting firms with exactly what they need, in the right format, to satisfy the IRS guidelines for a written security plan. 

Reduce the risk for your firm and your clients this tax season by getting your Written Security Plan in place this week! Having a written security plan in place is not only smart practice for your firm, but it also will limit your risk of exposure to IRS fines and penalties (not a good look for any tax practitioner especially during tax season!), but doing so provides a critical layer of trust and peace of mind for your clients.

As our clients’ trusted tax professional, it is our fiduciary duty to protect their sensitive personal and financial data to the fullest extent possible. At its core, this is what the IRS Written Security Plan requirement is all about.

Take advantage of this window of opportunity that the late start to the tax filing season is offering your firm to get on top of all of the responsibilities and requirements that come with our professional credentials. Take two hours in the next few days and get your Written Security Plan completed and filed with your PTIN documentation. You’ll have peace of mind and a higher level of security, and your clients and their data will be better protected, too.

Replies (0)

Please login or register to join the discussion.

There are currently no replies, be the first to post a reply.