Neftis WISP Services
WISP Form
WISP Implementation
Tax Accounting Firm Name:
Define the WISP Objectives:
The objective is to create adequate administrative, technical, and physical safeguards to protect the Personally Identifiable Information (PII) retained by
WISP Purpose:
WISP’s purpose is to create adequate administrative, technical, and physical safeguards for the protection of the Personally Identifiable Information (PII) retained by the Firm.
WISP Scope:
WISP’s scope is to identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of any electronic, paper, or other records containing PII.
Data Security Coordinator
First Name
Last Name
DSC Responsibilities:
The DSC is the official responsible for the firm’s data security processes and will implement, supervise, and maintain the WISP.
Public Information Officer (PIO) Name:
First Name
Last Name
Public Information Officer Responsibilities
To prevent misunderstandings and gossip, all outward-facing communications should be approved by this person.
List authorized users at your firm: (User 1)
First Name
Last Name
Data Access Level
Describe the type of access to PII
Responsibilities
Describe the user’s responsibilities for PII.
List authorized users at your firm: (User 2)
First Name
Last Name
Data Access Level
Describe the type of access to PII
Responsibilities
Describe the user’s responsibilities for PII.
List authorized users at your firm: (User 3)
First Name
Last Name
Data Access Level
Describe the type of access to PII
Responsibilities
Describe the user’s responsibilities for PII.
List authorized users at your firm: (User 4)
First Name
Last Name
Data Access Level
Describe the type of access to PII
Responsibilities
Describe the user’s responsibilities for PII.
List authorized users at your firm: (User 5)
First Name
Last Name
Data Access Level
Describe the type of access to PII
Responsibilities
Describe the user’s responsibilities for PII.
List the types of information your office handles, stores, or processes for the client (mark all items needed):
Social Security Number, Date of Birth, or Employment data
Driver's license number or state-issued identification card number
Income data, Tax Filing Data, Retirement Plan Data, Asset Ownership data, Investment data
Financial account number, credit or debit card number, with or without security code, access code, personal identification number; or password(s) that permit access to a client’s financial accounts
E-mail addresses, non-listed phone numbers, residential, mobile, or other contact information
List potential areas for data loss (internal) 1:
List of potential risks for loss of information.
List potential areas for data loss (internal) 2:
List of potential risks for loss of information.
List potential areas for data loss (internal) 3:
List of potential risks for loss of information.
List potential areas for data loss (internal) 4:
List of potential risks for loss of information.
List potential areas for data loss (internal) 5:
List of potential risks for loss of information.
List potential areas for data loss (external) 1:
List of potential risks for loss of information.
List potential areas for data loss (external) 2:
List of potential risks for loss of information.
List potential areas for data loss (external) 3:
List of potential risks for loss of information.
List potential areas for data loss (external) 4:
List of potential risks for loss of information.
List potential areas for data loss (external) 5:
List of potential risks for loss of information.
Outline procedures to monitor and test risks 1:
Outline procedures to monitor and test risks 2:
Outline procedures to monitor and test risks 3:
Hardware description 1:
Physical location 1:
Type of information stored or processed 1:
Hardware description 2:
Physical location 2:
Type of information stored or processed 2:
Hardware description 3:
Physical location 3:
Type of information stored or processed 3:
Hardware description 4:
Physical location 4:
Type of information stored or processed 4:
Hardware description 5:
Physical location 5:
Type of information stored or processed 5:
Data Collection and Retention Policy (PII):
Personnel Accountability Policy:
PII Data Disclosure Policy:
Network Protection Policy:
Firm User Access Control Policy:
Electronic Data Exchange Policy:
Electronic Exchange of PII Policy:
WiFi Access Policy:
Remote Access Policy:
Connected Devices Policy:
Reportable Incidents Policy:
Information Security Training Policy:
– Implementation Clause – Date of Implementation
Director or DSC:
First Name
Last Name
GLBA Compliance:
FTC-FPSR Compliance:
Additional regulatory requirements needed:
Director or Firm’s Owner:
First Name
Last Name