Quickly Build an IRS Cyber Security Plan
The Challenge: Building and maintaining a Cyber Security Plan
In 2019 the Internal Revenue Service (IRS) made it mandatory that tax professionals develop and implement a Cyber Security Plan to protect personal financial data. The new law requires key cyber security elements that must be defined and implemented. To an individual preparer or small business, this process can seem overwhelming. How do we translate these different requirements into plans and policies that work for us? And how to we maintain compliance with this plan once it is developed? To help IRS tax providers, Information Shield has taken our “Made Easy” approach to cyber security and introduced our new IRS Cyber Security Plan Template.
The Solution: IRS Cyber Security Plan Template
The IRS Cyber Security Plan Template enables you to quickly develop a written cyber security plan that addresses all essential IRS requirements. We took key requirements from IRS Publication 4557 and IRS Publication and put them in a single package.
The IRS Security Plan Template provides complete security policy coverage for all key information security and data privacy elements of the IRS requirements. The policies are based on world-leading Information Security Policies Made Easy product, which has been used by over 10,000 organizations in 60 countries. Don’t reinvent the wheel! Our policy templates have been used by over 10,000 organization in 60 countries.
Key Features of the IRS Cyber Plan Template
Complete Cyber Security Plan Template
Quickly develop a Cyber Security Plan using our easy MS-Word plan template. A few simple edits and you have a complete written IRS Cyber Security Plan in minutes! Expert security guidance is included within each section of the template.
Complete set of supporting Security Policies
IRS Publication 5293 and 4557 require specific “controls” that must be documented in your plan. These include malware protection, access control, risk analysis, and incident response. Our template includes over 30 essential information security policies that address all key elements of IRS requirements.
Sample Acceptable Use Policy
The IRS requires that all users are trained in cyber security principles and required to follow policies that protect information. Our IRS Cyber Plan template includes a complete Acceptable User of Assets policy which can be published and read by all employees.
Security Manager Charter and Job Description
The IRS requires that each organization have a designated cyber security leader with documented roles and responsibilities. Our IRS Cyber Plan template includes a complete Security Manager job description and charter for the information security function.
Checklist of Management Steps
Finally, the IRS requires that your program be maintained and monitored. Our IRS Cyber Plan template included a detailed list of essential steps that must be followed to maintain the program. Use this checklist to demonstrate ongoing compliance of your IRS cyber program.
Key IRS Cyber Plan Requirements
The IRS requires a plan with several key elements, outlined in IRS Publication 4557 – Safeguarding Taxpayer Data, and Small Business Information Security.
- Develop and implement a written Cyber Security Plan
- Identify and evaluate cyber risks to taxpayer data
- Develop and implement “safety measures” (controls and policies)
- Assign and document an Information Security Manager to implement the program.
- Regularly monitor and test the program.
The IRS requires tax preparers to implement a cyber security plan and supporting policies that contain key requirements. These are outlined in IRS Publication 4557 – Safeguarding Taxpayer Data, and Small Business Information Security – The Fundamentals, by the National Institute of Standards and Technology.
Want to learn more?
Contact us today for a Free 30 Minute Consultation on how your organization can streamline and demonstrate IRS cyber security plan compliance.