Information Security Controls for Nonprofits

By: Peggy JenningsPeggy Jennings

Information technology controls (or IT controls) are specific activities performed by persons or systems designed to ensure that operational objectives are met. Many articles are written today about external information security threats (e.g. data breaches, viruses) but nonprofits must also be wary of internal threats resulting from failure in the design or implementation of IT systems. Protection against internal threats is critical and can be accomplished by designing and implementing a strong control system. Controls that are typically considered include the following:

  • Access and security controls
  • Network security controls
  • Backup and recovery controls
  • Entity-level controls
  • Change management controls

Fraud is on the rise and nonprofits can limit their exposure to fraud by eliminating as many of the existing opportunities as possible. The risk of financial and data loss, interruptions to productivity and potential legal liability require sound internal controls for your information systems.

Eide Bailly’s certified, dedicated Risk Advisory Services specialists have expertise related to specific applications, technical controls, complex systems, information security, fraud and computer forensics and specific software packages. Please click here for more information on these services.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s