WISP AI Addendum, TEMPLATE
What this is. An appendix that folds AI tools into your firm's Written Information Security Plan (the program that the FTC Safeguards Rule, 16 CFR Part 314, requires of tax/accounting firms and that the IRS WISP guidance in Pub 4557/5708 implements). It maps each AI obligation to the specific §314.4 element it satisfies, so an examiner sees that AI is inside your program, not bolted on.
Attach this to your existing WISP. Replace every [BRACKET]; have counsel/your Qualified Individual review. Not legal advice. Grounded in Regulatory Foundation §2.
[FIRM NAME], WISP Appendix [X]: Artificial-Intelligence Tools
Effective [DATE] · Qualified Individual: [NAME] · Reviewed annually / on material change.
1. Scope
This appendix governs any AI tool that may receive, process, or access customer information as defined in the Safeguards Rule, including generative AI (Claude, ChatGPT, Gemini, Copilot), tax-research AI, OCR/extraction, transcription, and AI features embedded in firm software.
2. Controls, mapped to FTC Safeguards Rule §314.4
| Control | What the firm does | §314.4 element |
|---|---|---|
| Approved-tool list | Only tools on the maintained list [Appendix A] may touch client data; all others are prohibited for client info | §314.4(c) safeguards; (f) provider oversight |
| Risk assessment | The written risk assessment covers AI prompts, uploads, outputs, embeddings, logs, and vendor access | §314.4(b) |
| Data classification & minimization | Client TRI/PII is entered only where required; default is anonymize first (see redactor) or use an approved tool | §314.4(c)(1) access; (c) safeguards |
| Vendor due diligence + contracts | Each AI vendor cleared via the Vendor Due-Diligence Checklist and bound by a DPA (no-training, retention, subprocessors, breach notice) | §314.4(f)(1)–(2) |
| Encryption | Customer information is encrypted in transit and at rest with approved tools | §314.4(c)(3) |
| Access controls / MFA | AI-tool access is limited to authorized personnel with MFA; no shared/personal accounts for client data | §314.4(c)(1),(5) |
| Application assessment | AI tools that transmit/access customer info are assessed as externally-developed apps | §314.4(c)(4) |
| Logging & monitoring | AI-tool usage with client data is logged and periodically reviewed | §314.4(c)(8) |
| Retention & disposal | Prompts/uploads/outputs are retained no longer than needed and securely disposed; vendor ZDR confirmed where used | §314.4(c)(6) |
| Incident response | A vendor-AI incident (breach, leakage, exposed prompts) is handled under the firm's written IR plan; FTC notification assessed for events ≥500 consumers | §314.4(h) |
| Training | Staff trained on this appendix: what TRI is, why a prompt can be a disclosure, approved tools, redaction, and reporting accidental exposure | §314.4(e) |
| Periodic reassessment | AI vendors reassessed on a risk basis; this appendix reviewed annually and on material change | §314.4(f)(3),(g) |
3. Prohibited without prior approval
- Entering client-identifiable or return-derived information into a consumer/personal/free AI account, or any tool not on the approved list.
- Any tool with offshore access to client data absent §7216 consent and an adequate-safeguard review.
- Any tool that trains on / reuses firm inputs.
- Using AI output as the final substantive tax determination without CPA review.
4. Roles
- Qualified Individual [NAME] owns this appendix, the approved-tool list, vendor reviews, and the annual report.
- All personnel comply with the AI Acceptable-Use Policy.
Cross-references: Regulatory Foundation §2 (FTC Safeguards/WISP). Educational template, counsel/Qualified-Individual review required before adoption.