Privacy and Security Policies

Comprehensive IRS Compliance Measures at IFC
  • Develop, maintain, and review the Written Information Security Program (WISP) annually to address evolving risks and ensure compliance.
  • Perform annual risk assessments and update the Risk Management Plan to mitigate vulnerabilities and address emerging threats.
  • Assess third-party vendors thoroughly before granting access to sensitive data, ensuring risks are identified and managed.
  • Restrict data access using role-based access control (RBAC), enforce multi-factor authentication (MFA), and review privileged accounts periodically to minimize unauthorized access.
  • Secure data in transit and at rest with encryption standards such as AES-256 or TLS 1.2+ while ensuring proper data classification, retention, and secure disposal practices.
  • Maintain an accurate hardware inventory, conduct regular Wi-Fi audits, and segregate internal and guest networks to prevent unauthorized access.
  • Provide comprehensive security training for new employees, conduct annual refreshers, simulate phishing attacks to test readiness, and offer specialized training for high-risk roles.
  • Regularly review and update incident response procedures, notify the IRS promptly of breaches involving taxpayer data, and conduct post-incident reviews to strengthen future defenses.
  • Annually update and test the Business Continuity and Disaster Recovery (BC/DR) Plan to reflect operational changes and ensure recovery strategies are effective.
  • Enforce password policies, conduct internal audits, and review all policies annually to verify compliance and address gaps.
  • Continuously evaluate emerging technologies for potential security enhancements and operational benefits.

Other Policies

Security Policies: Choose How To Protect Your Device

We ensure a secure environment for your data.

View Policy
Employee Validation Policies

Our strict employee validation process ensures that only authorized personnel can access sensitive information.

View Policy
Privacy Policies

Our policies outline how we collect, store, and protect personal information.

View Policy