Were here to do your paperwork!
Get started with a free consultation so we can do paperwork for you!
Were here to do your paperwork!
Get started with a free consultation so we can do paperwork for you!
Serving Our Community
Our family-owned paperwork service has been serving the community for over 10 years. Our team has grown and includes experienced Notary Public, NNA Certified Signing Agents, IRS Certified Tax Preparers, Paperwork Creators, Appraisers, Contract Investigators, and IRS Certified Acceptance agents.
Written Information Security Program (WISP)
Written Information Security Program (WISP)
All Things Praise
Effective Date: 01/0/2013
Website: https://www.allthingspraise.com
1. Purpose
This Written Information Security Program (WISP) establishes administrative, technical, and physical safeguards to protect the personal, client, and company data managed by All Things Praise. It is designed to comply with applicable laws and best practices concerning information security and data privacy.
2. Risk Assessment
Internal Risks:
- Unauthorized employee access to sensitive client information.
- Accidental deletion or mishandling of client records.
- Insider threats due to lack of security training.
External Risks:
- Cyberattacks (e.g., phishing, ransomware, malware).
- Website breaches targeting client data.
- Loss or theft of company devices containing sensitive information.
Assessment Procedures:
- Conduct annual risk assessments to identify new vulnerabilities.
- Maintain an updated inventory of data storage locations and systems.
3. Safeguards and Controls
Technical Controls:
- Implement SSL/TLS encryption for all website data transmissions.
- Use firewalls and intrusion detection/prevention systems (IDS/IPS).
- Enforce strong, unique passwords and multi-factor authentication (MFA) for all internal systems.
Physical Controls:
- Limit physical access to servers and devices storing sensitive data.
- Secure backup drives and hard copies in locked facilities.
Administrative Controls:
- Define user roles and permissions based on minimum necessary access principles.
- Regularly review access logs and permissions.
4. Data Handling Policies
Data Storage:
- Store client data securely using encrypted cloud services that comply with industry standards (e.g., ISO 27001, SOC 2).
Data Access:
- Grant access to client information only to employees who require it to perform their job duties.
Data Disposal:
- Use secure deletion tools for electronic data and cross-shredding for physical documents when they are no longer needed.
5. Incident Response Plan
In the Event of a Data Breach:
- Detection: Immediately investigate any suspected breach.
- Containment: Limit the scope and impact of the breach.
- Assessment: Identify affected data and evaluate risks.
- Notification:
- Notify impacted clients promptly, no later than 72 hours after confirming a breach.
- Report breaches to regulatory bodies if required by law.
- Remediation:
- Correct vulnerabilities that led to the breach.
- Review and update security measures to prevent recurrence.
- Documentation: Maintain detailed records of the breach and response actions taken.
6. Employee Training
- Provide onboarding and annual training sessions covering:
- Information security best practices.
- Phishing and social engineering awareness.
- Secure handling and disposal of sensitive information.
- Conduct regular simulated phishing tests to reinforce training.
7. Regular Security Reviews
- Internal Audits: Conduct semi-annual security audits of systems, policies, and employee compliance.
- External Audits: Engage third-party security firms for annual penetration testing.
- Updates: Revise this WISP at least annually, or sooner if significant changes in operations, regulations, or threats occur.
Document Owner: Amari Winrow, Data Protection Officer
Approval Date:01/01/2023
Next Review Date: 01/01/2026
Our Small Business Services
Compliance
- Taxes: Personal, Business, 501c3, and Corporate
- ITIN paperwork prepared and authenticated
- Knowledgeable Local and state Sales Tax, and IRS Regulations
- Legally Required Personal/Corporate Documentation / Registered Agents
Paperwork Assistance
- State Unemployment Forms
- SSA and SSI
- General Forms
- Mobile Notary Republic
- Signing Agents/Debt Consolidation
- FAFSA fill out
Advisory/Consultation
- Reporting: Help directors make informed decisions
- Capital Fundraising: Advice on seeking equity to help grow your business
- Accounting and Tax Compliance information provided upon request
Subscribe
Sign up to hear from us. So we can do paperwork for you!
Tax Law Issues to be aware of in 2024
Check out this great video
