Cybersecurity Readiness for Nonprofit Accountants, Hosted by Jitasa University

Join Matt Eshleman, cybersecurity expert and author of the re-released Community IT Cybersecurity Readiness for Nonprofits Playbook, in a short presentation on how to use the playbook to protect your organization if you are a financial manager or accountant.

In this video, you will

• Learn about the free downloadable Playbook on Cybersecurity Readiness for Nonprofits and how financial officers and accountants can utilize this Playbook
• Learn the most common scams and trends in cybersecurity for nonprofits
• Understand the current cybersecurity landscape and the role of AI in new risks
• Learn tips for getting buy-in from stakeholders
• Understand cybersecurity training best practices for nonprofit staff

This video is designed for financial professionals in nonprofits, from CFOs to accountants. This Cybersecurity Playbook covers issues and best practices important to any nonprofit staff and leadership; this video concentrates on the questions and issues relevant to financial staff, and is hosted by Jitasa University. You do not need to be an IT professional to find value in this playbook.

Download the free Cybersecurity Playbook here: https://communityit.com/download-cybersecurity-readiness-for-nonprofits-playbook/

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

New nonprofit auditing requirements SAS145 now include IT and cybersecurity compliance. Are you ready?

In 2022 the AICPA Auditing Standards Board (ASB) issued Statement on Auditing Standards (SAS) No. 145,Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement. The new standard became effective for audits of financial statements for periods ending on or after Dec. 15, 2023. For more on SAS 145 changes, read this article in the Journal of Accountancy.

For the first time, SAS No. 145 now provides explicit definitions for the terms general information technology (IT) controls, IT environment, and information-processing controls. In addition, as IT utilization brings additional risk, the new guidance expressly defines risks arising from the use of IT.

As audits proceed with the new guidelines, we expect a learning period for auditors, IT professionals, and nonprofit leaders. If you have questions about what the new requirements entail, you are not alone. Community IT has begun to field questions from our clients and their auditors about IT systems and cybersecurity controls. We will continue to share our insights and advice with our community as audits evolve to incorporate IT security.

Listen to CEO Johan Hammerstrom explain the changes to the guidelines in SAS145 that you will need to know whether you are in nonprofit IT, financial, or leadership roles, or an auditor looking for insights into the IT management side of the new requirements.

Since the new nonprofit auditing requirements SAS145 impact everyone in nonprofits, please contact us if you have more questions we can help with.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

It won’t be a surprise that AI is on everyone’s mind. Matt also shared some thoughts on some year end cybersecurity tips and maintenance to ensure your cybersecurity practices – and permissions – are up to date.

Nonprofit Cybersecurity expert and Community IT CTO Matt Eshleman offered these year-end cybersecurity tips.

• Do a permissions audit at the enterprise level – what are your defaults for sharing, and how are you training your staff to log in to various tools and subscriptions that can access your data?
• At a personal level, what are the safest ways to log on to your accounts? How should you be storing passwords? How are you setting your personal sharing and log in permissions?
• Reviewing these policies and practices – and actually going in to your systems and checking – is a good end-of-year cybersecurity task.
• Consumer Reports has good tools for people who want to reduce their data footprint.

Matt also reported back from the NGOISAC Conference on the trends that the community is seeing. For more information on the NGOISAC cybersecurity community for NGOs and Nonprofits, use this link.

• AI companies are not spending nearly enough on safety as they rush to market their products. That puts it on consumers and organizations to know how to protect themselves.
• AI is increasing the ability of hackers, and in the arms race with protectors, a corresponding use of AI to block phishing and other hacks is playing catch up.
• Nonprofits are going to need to understand our new environment where not just emails will seem realistic but where voice and video fakes will be put in use. Finding old fashioned ways to verify that the person you are interacting with is a person will become more important as AI powers grow.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.