Cybersecurity Readiness for Nonprofit Accountants, Hosted by Jitasa University

Join Matt Eshleman, cybersecurity expert and author of the re-released Community IT Cybersecurity Readiness for Nonprofits Playbook, in a short presentation on how to use the playbook to protect your organization if you are a financial manager or accountant.

In this video, you will

• Learn about the free downloadable Playbook on Cybersecurity Readiness for Nonprofits and how financial officers and accountants can utilize this Playbook
• Learn the most common scams and trends in cybersecurity for nonprofits
• Understand the current cybersecurity landscape and the role of AI in new risks
• Learn tips for getting buy-in from stakeholders
• Understand cybersecurity training best practices for nonprofit staff

This video is designed for financial professionals in nonprofits, from CFOs to accountants. This Cybersecurity Playbook covers issues and best practices important to any nonprofit staff and leadership; this video concentrates on the questions and issues relevant to financial staff, and is hosted by Jitasa University. You do not need to be an IT professional to find value in this playbook.

Download the free Cybersecurity Playbook here: https://communityit.com/download-cybersecurity-readiness-for-nonprofits-playbook/

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

New nonprofit auditing requirements SAS145 now include IT and cybersecurity compliance. Are you ready?

In 2022 the AICPA Auditing Standards Board (ASB) issued Statement on Auditing Standards (SAS) No. 145,Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement. The new standard became effective for audits of financial statements for periods ending on or after Dec. 15, 2023. For more on SAS 145 changes, read this article in the Journal of Accountancy.

For the first time, SAS No. 145 now provides explicit definitions for the terms general information technology (IT) controls, IT environment, and information-processing controls. In addition, as IT utilization brings additional risk, the new guidance expressly defines risks arising from the use of IT.

As audits proceed with the new guidelines, we expect a learning period for auditors, IT professionals, and nonprofit leaders. If you have questions about what the new requirements entail, you are not alone. Community IT has begun to field questions from our clients and their auditors about IT systems and cybersecurity controls. We will continue to share our insights and advice with our community as audits evolve to incorporate IT security.

Listen to CEO Johan Hammerstrom explain the changes to the guidelines in SAS145 that you will need to know whether you are in nonprofit IT, financial, or leadership roles, or an auditor looking for insights into the IT management side of the new requirements.

Since the new nonprofit auditing requirements SAS145 impact everyone in nonprofits, please contact us if you have more questions we can help with.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

It won’t be a surprise that AI is on everyone’s mind. Matt also shared some thoughts on some year end cybersecurity tips and maintenance to ensure your cybersecurity practices – and permissions – are up to date.

Nonprofit Cybersecurity expert and Community IT CTO Matt Eshleman offered these year-end cybersecurity tips.

• Do a permissions audit at the enterprise level – what are your defaults for sharing, and how are you training your staff to log in to various tools and subscriptions that can access your data?
• At a personal level, what are the safest ways to log on to your accounts? How should you be storing passwords? How are you setting your personal sharing and log in permissions?
• Reviewing these policies and practices – and actually going in to your systems and checking – is a good end-of-year cybersecurity task.
• Consumer Reports has good tools for people who want to reduce their data footprint.

Matt also reported back from the NGOISAC Conference on the trends that the community is seeing. For more information on the NGOISAC cybersecurity community for NGOs and Nonprofits, use this link.

• AI companies are not spending nearly enough on safety as they rush to market their products. That puts it on consumers and organizations to know how to protect themselves.
• AI is increasing the ability of hackers, and in the arms race with protectors, a corresponding use of AI to block phishing and other hacks is playing catch up.
• Nonprofits are going to need to understand our new environment where not just emails will seem realistic but where voice and video fakes will be put in use. Finding old fashioned ways to verify that the person you are interacting with is a person will become more important as AI powers grow.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

If you find yourself with a little downtime, what should you work on?

The Gala is back! If your nonprofit is focused on an end of the year fundraising event, you may find yourself and your IT team with a little extra time on your hands this December as the rest of your staff are pulled away from their desks and are calling the help desk less frequently. Carolyn Woodard reviewed our recent webinars and podcasts for advice on what projects you might want to start now to be ready to hit the ground running in the new year.

Our list of 6 tips for nonprofit IT in December:

1. Do you have an IT Roadmap? This is one of the most important planning documents you can have as a nonprofit IT professional and leader. We have resources on our site to help you get started.

2. Think about policies and governance. This doesn’t mean you have to write them yourself before January. But if you have an hour free, you can go through our checklists of the most important policies to have, and review your existing documents, and be ready to meet with your leadership team in the new year with advice and priorities ready to go.

3. What is your AI policy? We created a policy template specific to nonprofits that you can download and adapt to your own organization’s values and needs. As AI tools and issues come at our organizations faster and faster, make sure you are setting the policy rather than just accepting whatever happens.

4. Map your data. The more AI tools come into use within our organizations, the more important permissions are going to become as those tools interact with our data. Not just with databases, but also with files, AI is going to find whatever it can find. Think about permissions, and training your staff, and how valuable your data is to you and to hackers.

5. A fifth project we recommend is tracking your inventory, subscriptions and licenses. Once you have an inventory system in place – and maybe have discovered you can do a better job of tracking onboarding and off boarding, or where you can be saving money with an enterprise license rather than individual licenses – it gets easier from there.

6. If you still have any time during your down time – we recommend you block off some time to take some tutorials. Did you know that learning a new skill and improving your confidence in new tools can actually lower your stress levels as an IT professional? If you haven’t been making time for learning, and you have a little down time this December, why don’t you see if you can get in the habit?

During the regular hustle and bustle of your IT job you may not feel you have time to get started on any of these important projects, so make time when you have down time to think about what you are missing and where to start. Setting priorities is important too, and being realistic. Maybe one of these projects is plenty! Don’t think you are going to finish any of these projects this December, or that you have to do them entirely on your own. But putting a little prep work in now can help you get them off the ground in the new year, with specific questions for your colleagues and specific goals and strategies.

And won’t that be a great feeling to greet the new year with!

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

Are you feeling burned out?
Nonprofit IT can be exhausting. Learn how to de-stress to better tackle your job and help your nonprofit succeed.

There is so much stress in managing nonprofit IT.

There are conflicting agendas, tight budgets, and unrealistic demands.
A lot of us have been burned by IT projects in the past that still give us nightmares. The tool was expensive, required a huge project to implement, took a ton of time, didn’t work, everyone hated it, the training was terrible, and the vendor or consultants or your boss left you holding the bag.

Some executives really do understand how crucial functioning IT is to your nonprofit – to your work life and to your ability to achieve your mission.
But even if you are lucky enough to have a lot of leadership, IT management is still tough. It touches every staff member and even little issues can make your work unworkable. Don’t get us started on cybersecurity fears.

While you work on the big picture of IT management at your nonprofit, don’t forget to work on managing your own stress and avoiding burnout.
With all the recent research and attention paid to self-care in nonprofit careers we wanted to spend a webinar focused particularly on
de-stress and self-care in nonprofit IT roles.

Director of Marketing and recovering IT Director at large and small nonprofits Carolyn Woodard explores the latest research on the benefits of de-stressing and some tips on incorporating self-care in your nonprofit IT management routine.

If your first reaction to the idea of self care is that you are too busy to put it on your to-do list, this is the podcast episode for you.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

Do you have an IT roadmap at your nonprofit?
As a nonprofit leader, how can you design an IT roadmap to create value for your organization?

On October 3, 2024 the Center for Public and Nonprofit Leadership partnered with Community IT Innovators to provide a workshop: Design an IT Roadmap to Create Value for Your Nonprofit.

To fully utilize the power of IT to support your nonprofit, you need to have a plan. View the workshop video to learn the steps to create your own IT roadmap and incorporate IT strategy into your leadership and budget practice.

To learn more about the Georgetown Center for Public & Nonprofit Leadership at the McCourt School of Public Policy check out their program here. The Center for Public & Nonprofit Leadership provides advanced education in leadership, public and nonprofit management, advocacy and philanthropy, with domestic and international applications. Their multi-sectoral approach, public policy orientation, and research focus on effective practices, ensure the breadth and relevance of the educational experiences we offer.

They focus on four program areas, found on their website:

Executive Certificate and Customized Programs available online and in person.
Graduate Education
Research that Informs Practice
Local to Global Community Engagement

Thank you, Georgetown Center for Public & Nonprofit Leadership for inviting us to present to your alumni and to Hoyas For Others.

This webinar is appropriate for nonprofit executives, managers, accounting, development, and nonprofit IT personnel – and as with all our webinars, it is appropriate for a varied audience.

Community IT is proudly vendor-agnostic and our webinars cover a range of topics and discussions. Webinars are never a sales pitch, always a way to share our knowledge with our community.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

Las mejores prácticas para organizar sus archivos en la nube para lograr seguridad y eficiencia.

La organización de archivos en la nube es algo que puede parecer una prioridad menor, en particular con el aumento de las herramientas de búsqueda potentes y ahora con el auge de la búsqueda con inteligencia artificial (IA). Carolyn habló con el invitado Norwin Herrera, IT Business Manager Team Lead de Community IT, para responder a preguntas sobre por qué es importante crear un sistema de organización de archivos, tanto para una mayor ciberseguridad en el mundo de la IA como para la productividad y la eficiencia de su personal. Los consejos para la organización de archivos en la nube incluyen priorizar el proyecto, etiquetar claramente los archivos y crear políticas de gobernanza sólidas y capacitar al personal sobre sus expectativas en cuanto al etiquetado y el guardado de archivos.

Norwin ofrece algunas razones para etiquetar con precisión sus archivos y defiende la necesidad de organizarse en línea. También ofrece consejos para lograr que su liderazgo participe en la definición de sus políticas de organización de archivos y vea las ventajas estratégicas de priorizar este proyecto.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.

Best practices on organizing your files in the cloud for security and efficiency.

Cloud files organization is something that can seem like a low priority, particularly with the rise of strong search tools and now with the rise of Artificial Intelligence (AI) search. Carolyn spoke with guest Norwin Herrera, IT Business Manager, to answer questions about why it’s important to create a file organization system, both for increased cybersecurity in the world of AI, and for the productivity and efficiency of your staff. Cloud file organization tips include prioritizing the project, clearly labeling files, and creating strong governance policies and training staff on your expectations on labeling and saving files.

Having a method and a system is important for safeguarding file access when you use AI tools to search accessible files. It’s also important to create a file retention policy for your organization, and governance around file search.

How can you save money by routinely saving what is important and removing old or misleading files to an archive or deleting them? In addition to spending your nonprofit funds to backup files that are no longer relevant, your staff will spend more time evaluating if the AI search tool has surfaced a relevant or irrelevant file. That staff time is also money.

Norwin provides some reasons to accurately label your files and makes a case for being organized online. He also provides tips on getting your leadership engaged in setting your file organization policies and seeing the strategic advantages to prioritizing this project.

_______________________________
Start a conversation :)

• Register to attend a webinar in real time, and find all past transcripts at https://communityit.com/webinars/
• email Carolyn at cwoodard@communityit.com
• on LinkedIn

Thanks for listening.