Sample Security Policy for CPA Firms


This free sample policy provides a great starting point, and you can adapt it to meet your firm's unique needs.

Gain Access

Having an official policy is a key requirement of running a secure, PCI-compliant firm. If you haven't documented your firm's security policy yet, we're here to help you get it done.


This free sample policy provides a great starting point, and you can adapt it to meet your firm's unique needs.

The document addresses:



  • Ethics and acceptable use
  • Protecting stored data
  • Restricting access to data
  • Security awareness and procedures
  • Incident response plan
  • and more...