Information Security Controls for Nonprofits

By: Peggy JenningsPeggy Jennings

Information technology controls (or IT controls) are specific activities performed by persons or systems designed to ensure that operational objectives are met. Many articles are written today about external information security threats (e.g. data breaches, viruses) but nonprofits must also be wary of internal threats resulting from failure in the design or implementation of IT systems. Protection against internal threats is critical and can be accomplished by designing and implementing a strong control system. Controls that are typically considered include the following:

  • Access and security controls
  • Network security controls
  • Backup and recovery controls
  • Entity-level controls
  • Change management controls

Fraud is on the rise and nonprofits can limit their exposure to fraud by eliminating as many of the existing opportunities as possible. The risk of financial and data loss, interruptions to productivity and potential legal liability require sound internal controls for your information systems.

Eide Bailly’s certified, dedicated Risk Advisory Services specialists have expertise related to specific applications, technical controls, complex systems, information security, fraud and computer forensics and specific software packages. Please click here for more information on these services.

Internal Control Examinations for Nonprofits

By: Doug Cashdoug cash

An internal control examination evaluates the existing internal controls over your nonprofit’s assets. Its purpose is to identify any areas of risk or vulnerability, as well as assure you of where your controls are strong. The assessment includes the following:

  • Interviews of key accounting personnel to identify important cash internal control deficiencies
  • Recommendations for corrections of any key internal control deficiencies identified during the assessment
  • Analysis of selected documents and/or data for anomalies or unusual transactions for a one- to two-month time period
  • A timely and easy-to-understand report providing internal control recommendations and any findings identified

Fraud is on the rise. The Association of Certified Fraud Examiners (ACFE) estimates the average organization loses up to five percent of its revenue to employee theft. The 2016 “ACFE Report to the Nation” indicates that nonprofits suffered a median loss from fraud of $100,000. A nonprofit can limit its exposure to fraud by eliminating as many of the existing opportunities as possible. By conducting an examination of internal control, a nonprofit takes the first step to reduce these opportunities and provide a climate of prevention and detection that promotes an honest working environment.

Any nonprofit organization can be a victim of fraud. The vast majority of organizations, no matter the size, will benefit from having an internal control examination performed. According to the ACFE, “The presence of anti-fraud controls was correlated with lower losses and quicker fraud detection.”

Identifying potential internal fraud risks is not just a matter of good stewardship. It will help your organization improve efficiency and reduce risks—financial, operational, and reputational. Eide Bailly’s Certified Fraud Examiners have the investigative techniques and technical skills needed to detect, investigate and prevent fraud. We work closely with you in a friendly, supportive manner to understand your needs and provide a thorough report to help you make confident decisions to safeguard your organization. Our Forensics staff includes Certified Fraud Examiners, Certified Public Accountants, Accredited Business Valuators, Certified Forensic Interviewers, former law enforcement professionals, and computer forensic specialists. When you work with Eide Bailly, you’ll be connected to the professionals you need to keep your nonprofit on track for success.

The Importance of Understanding Millennials in the Workplace

LauriBy: Lauri Dahlberg, PHR, SHRM-CP

Our work places are changing. For the first time ever, there are four generations in the workplace.  One in particular is unique, and based on their sheer volume and drive, they will change the way we do business.

Millennials are currently the largest generation on the planet, with 75.3 million in the workplace. If you think that’s a lot, then stop to think about this:  that generation is projected to increase to 80.1 million in 2036. And to further illustrate this point, try this on: Millennials will make up half of the workforce by 2020.

Are you wondering why you should care? Well, Millennials come with their own unique perspective, expectations and ambition.  They were shaped by historical experiences that showed them loyalty to corporations isn’t the best (parents laid off, Exxon Valdez oil spill); authority figures can’t always be trusted (Clinton/Lewinsky scandal, Enron); and public places aren’t always safe (OKC bombing, 911, high school shootings).  Due to these experiences, many Millennials have chosen to build their own path and not wait for things to happen.  Their mentors/idols include people who took ideas and made billions (think Mark Zuckerberg with Facebook and reality tv stars like the Kardashians).

More than that, they’re changing the workplace dynamic. Millennials have a strong desire to make the world a better place. Millennials are more globally aware and focused than any other generation, according to New York Times in Education. They are also more networked and more aware of things going on real-time, thanks to technology.  Since many of them grew up constantly connected, they are incredibly transparent, showing the good and the bad through social media and in conversation.  But it doesn’t just stop with them – they expect others to be transparent too.

If you manage Millennials, it’s important to understand where they’re coming from and what drives them. Millennials hunger for growth, development and advancement.  They want what they do to have meaning and to make a difference.  They enjoy working in teams and succeeding with other people.  They have a strong need to be autonomous (micro-managers need not apply), and want to find a better, faster way to get the job done.  Most importantly, they want to be kept “in-the-know” and given information, even if it isn’t necessarily relevant to them (see note on transparency above).

Millennials will soon outnumber Baby Boomers and Generation X. Due to predicted workforce shortages, employers will need to shift their current way of doing business to accommodate the style of the Millennial. How do you do this? Here are a few tips:

  • Provide training that is hands-on.
  • Allow work to be accomplished in groups or teams.
  • Allow Millennials to review a process and then make recommendations on how to improve it.

Millennials are among us – many in leadership roles already. It’s time we take them for who they are and harness their positive qualities to improve our organizations.  Encourage their entrepreneurial spirit and transparent drive … or they’ll find a different workplace that will.