> For the complete documentation index, see [llms.txt](https://wisp.vintti.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://wisp.vintti.com/8.-maintenance-and-review-of-the-wisp/8.1-review-and-update-schedule.md). # 8.1 Review and Update Schedule a. **Annual Review**: The WISP will be reviewed at least annually by the Information Security Officer, in collaboration with relevant departments, to ensure that it aligns with current business objectives, technology infrastructure, and legal requirements, especially considering the cross-border nature of the services. b. **Following Significant Changes**: Any significant changes to business operations, technology, laws, or regulations that may affect the security of information shall trigger an immediate review of the WISP. This includes changes to IRS requirements or regulations related to remote staffing in either South America or the United States. c. **Quarterly Security Assessments**: Quarterly security assessments will be conducted to evaluate the effectiveness of current security measures. These assessments will include penetration testing, vulnerability scans, and a review of access controls, particularly focusing on remote access given the nature of the business. d. **Documentation and Reporting**: All reviews, updates, and security assessments shall be fully documented. Any modifications to the WISP must be approved by the Information Security Officer and communicated to all relevant personnel. e. **Third-Party Review**: Considering the cross-border operation and the potential legal complexity, an independent third-party review of the WISP may be conducted every two years or as required by regulations. f. **Employee Training Updates**: Following any update or change to the WISP, all employees, including remote staff, will be retrained or briefed on the changes as they apply to their roles and responsibilities within the company. g. **Client Communication**: Any significant changes to the WISP that affect client data or operations shall be communicated to the U.S. based Accounting Firms in a timely manner, following the established communication protocol. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://wisp.vintti.com/8.-maintenance-and-review-of-the-wisp/8.1-review-and-update-schedule.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.