IT that respects April 15.
NSN Management is the Tulsa IT and compliance partner for CPA firms, tax preparers, and accounting practices. We deliver flat-rate managed IT, FTC Safeguards Rule / IRS WISP compliance, and tax-season operations support that respects the calendar your firm actually runs on — for firms with 10–100 users since 2012.
Three pressures unique to CPA firms.
Generic MSPs handle generic businesses. Your firm has a calendar, a WISP requirement, and clients who can't afford for you to miss.
Tax season is the season
Between January and April 15, every hour of downtime in UltraTax, ProSeries, Drake, or Lacerte costs you. Most MSPs schedule maintenance windows that overlap your busiest week — and don't know your tax stack well enough to triage fast when something breaks.
Two WISPs, one document
The FTC Safeguards Rule and IRS Publication 4557 both require a Written Information Security Program. Most firms still don't have one — and the PTIN renewal now asks. Penalties for FTC non-compliance start at $50,000 per violation.
Client trust is the product
A single breach involving client tax returns, Social Security numbers, or W-2 data is a firm-ending event. Your clients chose you because they trust you. Your IT has to be worthy of that trust.
Specifics for CPA firms.
Not a generic 'managed IT' brochure. Capabilities written for what your firm actually does each day.
Tax & audit software expertise
UltraTax CS, ProSeries, Drake, Lacerte, CCH Axcess, ProSystem fx, Caseware, CCH Engagement. Vendor escalations, version upgrades, and break-fix without learning curves.
FTC Safeguards + IRS WISP
One unified Written Information Security Program that satisfies both the FTC Safeguards Rule and IRS Publications 4557 / 5708. Qualified Individual coverage, annual risk assessment, and the board-level report.
Tax-season operations
Engineers on call evenings and weekends Jan–April. We avoid planned maintenance during your filing window. Priority queue for any tax-software incident.
High-performance workstations
3–4 monitor setups, fast SSDs, RAM sized for complex returns. Remote tax preparation via Citrix or Azure Virtual Desktop when partners work from home.
Secure client portals
SmartVault, ShareFile, and Citrix ShareSync deployments with MFA, conditional access, DLP, and external-sharing controls.
Quarterly business reviews
Your vCIO meets with leadership every quarter — risk register, roadmap, budget. No surprise IT line items at year-end.
FTC Safeguards + IRS WISP. One program.
Two regulators — the Federal Trade Commission and the IRS — both require a Written Information Security Program. We deliver one document that satisfies both, plus the operational evidence to back it up.
Effective June 9, 2023. Nine required elements.
- Written Information Security Program (WISP)
- Designated Qualified Individual (QI)
- Annual risk assessment & report
- Access controls, encryption, MFA
- Vendor management & due diligence
- Incident response plan & testing
- Employee training program
- Continuous monitoring & change management
- Board-level annual security report
The WISP the PTIN renewal asks about.
IRS Publication 4557 'Safeguarding Taxpayer Data' requires every paid preparer to maintain a Written Information Security Plan. Publication 5708 provides the template. The current PTIN renewal application asks whether you have one.
Our WISP is structured to satisfy both the FTC and the IRS in a single document — so you maintain one program, not two, and audit it once a year.
Answers for CPA firm leaders.
Does the FTC Safeguards Rule apply to my CPA firm?
Yes, for nearly every firm. The amended FTC Safeguards Rule (effective June 9, 2023) applies to any 'financial institution' under the FTC's jurisdiction — and the FTC interprets that to include CPA firms, tax preparers, and accounting practices that handle customer financial information. NSN delivers the full lifecycle: Written Information Security Program (WISP), designated Qualified Individual (QI), annual risk assessment, employee training, vendor management, and the annual board report.
Do I also need an IRS WISP under Publication 4557?
Yes. IRS Publication 4557 'Safeguarding Taxpayer Data' and IRS Publication 5708 (the WISP template) require any paid tax preparer to maintain a Written Information Security Plan. The PTIN renewal application now asks for this. The good news: the IRS WISP and the FTC Safeguards WISP can be the same document if it's structured correctly — and ours is.
Can NSN support tax season — January through April 15?
Yes. We monitor uptime around the clock, prioritize incidents touching tax software (UltraTax CS, ProSeries, Drake, Lacerte, CCH Axcess, ProSystem fx Tax), and have engineers on call evenings and weekends during peak season. We avoid planned maintenance during the filing window so our changes don't compete with your deadlines.
Do you support the specific tax and audit software my firm uses?
Yes. We support the platforms used by Tulsa CPA firms — UltraTax CS, ProSeries, Drake, Lacerte, CCH Axcess Tax and ProSystem fx for tax; CCH Engagement, ProSystem fx Engagement, and Caseware for audit and engagement; QuickBooks Desktop and QuickBooks Online for client write-up; SmartVault, ShareFile, and Citrix ShareSync for client document portals. Vendor escalations, version upgrades, and break-fix without the learning curve.
How do you handle the multi-monitor, high-performance setups our staff needs?
We design and deploy CPA workstations with 3-4 monitors, fast SSDs, and the RAM your tax engines actually need to compile a complex return without lag. We also handle the Citrix or Azure Virtual Desktop deployment if your firm needs remote tax preparation — common since 2020 and increasingly the norm.
What about Federal Tax Information (FTI) under IRS Publication 1075?
If your firm handles Federal Tax Information directly — for example through e-file safeguards or specific state agreements — IRS Publication 1075 imposes additional controls on top of Publication 4557. NSN architects and operates Pub 1075-aligned environments when the engagement requires it, including the audit trail, encryption, and access control specifics that IRS Safeguards reviewers examine.
Built for firms like yours.
A 15-minute discovery call to walk through your tax stack, your WISP, and whether we're the right fit.