Policy

Tag Archives

Cyber Security FAQ: Why Charities Can’t Afford to Ignore the Risk from Malware

The world of cyber crime can seem murky and mysterious – cyber criminals are, after all, a faceless threat and charities are focused on the here and now, running their day to day operations and making a difference. But weapons such as malware are indiscriminate, and anyone can be stung. That is why in this article we try to shed some light on the world of malware, with help from cyber security experts Avast.

Q: What is malware?

A: Malware (short for malicious software) is a common tool that cyber criminals use to get inside devices, take control of them or steal information.

In much the same way as the common cold, malware (short for malicious software) is easily caught and always evolving. It continues getting faster and cleverer, finding new ways to access your charity’s devices or network. And just like a cold, it’s much easier to prevent it than it is to deal with its effects once it’s taken hold.

Q: Are charities at risk from malware?

A: Yes. Just like commercial organisations, charities hold valuable data that cyber criminals will trade for a high price on the black market. Malware is one common (and easy) way of stealing that data.

One in five charities were affected by a breach of their data last year, costing them an average of £9,470 to fix what could have been prevented for a tiny fraction of that cost.

But monetary cost is just the tip of the iceberg. Whether or not data is stolen or recovered, the charity sector exists on a foundation of trust. Charities simply cannot afford anything that damages their reputation in the eyes of the public, their stakeholders, service users or supporters.

Added to this, charities running a tight shift to deliver critical services to their communities and service users often rely on the use of data and computers. The resulting downtime from dealing with a malware infection is just not an option.

All of this makes malware a significant threat to charities.

To read the full Charity Digital News article click here.

Source: Charity Digital News


Five Free Efficiency-Driving Tools for Charities

Managing teams and projects is hard – especially on a tight budget. Fortunately, there are lots of free tech tools for charities which can help boost productivity, save time, and allow charities to focus on the mission.

Whether you’re communicating with teams working across multiple locations, organising the next charity fundraiser, or trying to find a date for the next board meeting, trialling some of the latest efficiency tools for charities can help, especially when they’re entirely free or offer free basic options.

See also: The best online fundraising platforms for charities click here.

Collaboration app for charities – Slack

Slack is an essential productivity tool to help charities of all sizes streamline their communication with staff, volunteers and external teams. The messaging app that allows teams to communicate in a quick, informal manner.

Comparable to WhatsApp’s improved group text messaging over traditional text messages, Slack delivers a similar service tailored for the business environment. Conversations can be direct or arranged around Teams (Finance, Service Delivery, etc.) or Projects (Fundraiser, Website Launch, etc.), documents can be shared, and users can be tagged on items so to ensure they are alerted to things key for them to look at. Slack can also integrate with a number of other tools, such as Google Calendar, Outlook, and Trello.

To read the full Charity Digital News article click here.

Source: Charity Digital News


Get Your House in Order Before You Recruit Volunteers

Are you thinking of recruiting some new #volunteers when the summer is over? What do you need to consider before even starting?

Traditional routes to volunteering are changing and organisations are competing for volunteers. Those who donate time want to know it is well spent, that work is well organised and their contribution is valued.

Volunteers are any age. They may be school children, young people, parents or family members, or retired. Different groups may have varying approaches to volunteering. Stop to consider your target audience and what you want the volunteers to get involved in with your organisation.

It is important volunteers are clear about their roles and the support they can expect from an organisation.

Organisations need to have systems and procedures in place to ensure their volunteers have a great experience.

Giving volunteers a quality experience

In January 2019 NCVO has published a new report Time Well Spent on the volunteer experience. This national survey of over 10,000 respondents found there are eight key features that make up a quality experience for volunteers:

  1. Inclusive: welcome and accessible to all
  2. Flexible: takes into account people’s individual life circumstances
  3. Impactful: makes a positive difference
  4. Connected: gives a sense of connection to others, to the cause and/or an organisation
  5. Balanced: does not overburden with unnecessary processes
  6. Enjoyable: provides enjoyment, people feel good about what they are doing
  7. Voluntary: the volunteer has freely chosen to do it
  8. Meaningful: resonates with volunteers’ lives, interests and priorities

Volunteering may be regarded as a way to learn new skills, meet new friends, or make a valuable contribution to a cause. It may lead to employment and new careers.

Useful links:
For more information on good practice methods for recruiting volunteers you can download the Investing in Volunteer quality standard framework

Volunteer placements, rights and expenses (Direct Gov).

NCVO Know How.

Source: NCVO


HMRC’s Criminal Offences For Failing to Prevent Tax Facilitation – What They Are and What to Do

HMRC is reminding companies and partnerships (including charities) that they can be criminally liable if they fail to prevent their staff or those that represent them from facilitating illegal tax evasion.

The offence, which came into force in September 2017, does not substantially alter what is illegal tax evasion, but focuses on who is held accountable for enabling or allowing it.

Rather than try and attribute illegal tax evasion to an organisation, it focuses on the failure of that organisation to prevent those who work for, act for or on behalf of from committing criminal tax evasion.

HMRC has published information about this, including what organisations can do to build their internal procedures in light of the offences. The ‘corporate criminal offences’ can also be found in Part 3 of the Criminal Finances Act 2017.

HMRC has also launched a new dedicated self-reporting route for organisations that have failed to prevent the facilitation of tax evasion. Find out how to self-report, and why it may be in an organisation’s interest on the Tell HMRC your organisation failed to prevent the facilitation of tax evasion webpage on GOV.UK.

If you have any queries about preventing tax facilitation please contact HMRC.

Source: Charity Commission Newsletter issue 63


Charities Working Internationally: How to Assess Risk

Charities working internationally can face certain risks because of their operating environment including the application of financial sanctions, greater levels of corruption or criminal activity, the presence of terrorists, proscribed groups or designated entities.

The Charity Commission, as a risk-led regulator, we focus on areas of higher risk and we expect the same of trustees. The Charity Commissions International Charities Engagement Team recently published a blog to help you assess risk more effectively. It also includes links to risk management tools, which can help you protect your charity from harm.

How to assess risk for charities working internationally.

Source: Charity Commission Newsletter issue 63


Extended Date for Changes to Public Display Names on the Charity Register

As part of changes to the Charity Commission’s online services, if current trustees have used a public display name on the charity register their full legal name will be displayed to the public, unless they apply to have it removed. This is known as a dispensation.

These changes were due to happen this year (2019) but we have extended this to give trustees more time to apply for a dispensation if needed. The changes will now happen from 1 April 2020.

We can grant a dispensation if displaying a legal name to the public could put the relevant person or people in personal danger. Dispensations will not be granted automatically.

Find out about display name changes and how to apply for a dispensation.

If trustees have already been granted a dispensation for their legal name not to be displayed to the public on the register, this will be retained. There is no need to apply for a dispensation again.

Source: Charity Commission Newsletter issue 63


Cyber crime and reporting to the Charity Commission

The Charity Commission recently issued an alert to the charity sector about cyber crime and how to report it to them.

Cyber crime has a number of definitions but will usually involve attacks on, or through, computer systems and networks. It often includes theft of data or disruption of systems to enable further crime.

Dependant on the nature of these crimes, trustees, staff, volunteers and beneficiaries of charities may be adversely affected. Negative publicity could also impact on public trust and confidence in not only the charity affected, but the sector as a whole.

The alert explains more about this growing threat, and also includes links to useful guidance and tools to help you protect your charity.

Source: Charity Commission Newsletter issue 63


New Guidance for Charities with a Connection to a Non-Charity

If your charity has a close relationship with a non-charitable organisation – such as its founder, trading subsidiary, or a regular partner – you must manage the connection in your charity’s best interests and protect its independence. You need to plan for the risks as well as the benefits that the connection can bring.

The Charity Commission’s new guidance for charities with a connection to a non-charity will help you to do this. It draws together relevant law and practice, setting out 6 principles to help trustees run and review these connections.

It follows concerns that some relationships between charities and non-charities have damaged public confidence in charity. It will also help us, as the regulator, to better hold charities to account against existing rules.

Source: Charity Commission Newsletter issue 63


Beyond Charity Risk Registers

Charity risk management has traditionally been undertaken by identifying as many risks as possible and then applying an impact/likelihood scoring matrix. This may be undertaken at team, department and then board level. The resulting risk register will be extensive and so the board typically focuses on the top ten highest scoring risks. In practice, however, this leads to much debate and discussion on the scoring methodology and distracts attention away from how the risks are actually being managed.

To achieve better governance of the key strategic risks, many boards accept that there will be a set of headline risks (usually five, but up to six) which will always be key for their organisation. And it is likely that these are similar across many organisations. This does away with the need for subjective scoring methods and an arbitrary cut-off for risks that get board focus (it will always be the eleventh charity risk that comes back to bite you!).  It also saves much time and debate at board meetings.

To read the full Directory of Social Change article click here.

Source: The Directory of Social Change


Improving Your Charity Finance Function

Many finance managers wish they could spend more time actually planning – thinking about the business and contributing to strategy. Instead they feel bogged down by the basic-level bookkeeping, correcting mis-codings, chasing paperwork and producing endless spreadsheets. Sayer Vincent take you through how to improve your charity finance function.

So where to start? Break the overall task down into a series of manageable steps. You do not have to do them in a strict order and your own particular circumstances might help you to focus on the right area first.

1. Free up some time

A good first step is to stop doing something so that you can free up some time. Consider some of the reports you write – do people actually use these? One way to find out is to stop sending them – see if anyone notices! More seriously, it is possible to ask for a moratorium and you can pick the time when you do this – first quarter management accounts comparing actual to budget do not usually reveal much and so may not be missed by managers.

2. Analyse existing data

Could you analyse existing data further and present it a different way in order to provide some useful information for managers? This does not have to be complicated – a recent example was some analysis that a new finance manager undertook for a charity. He showed managers the level of take-up needed for a particular type of project to breakeven. The managers were astounded, as they had been asking for similar information for years and had always been told it was too difficult. Now they could look at their decision-making process afresh and develop clear financial criteria for closing projects and opening new ones. This was an important step for that finance manager, as he now has credibility with other managers.

3. Reduce the number of errors

It is frustrating for finance departments and other staff to waste time sorting out mistakes. Even if the error is caused by staff outside the finance department, it still reflects on finance and undermines the confidence others have in their work. Having demonstrated that the finance department can add value, you can now ask others to make changes to the way they do things. You will need to find out the cause of the errors. In one example, the cause was an old print out of the chart of accounts which was completely out of date, so people were using the wrong codes. For years, the finance staff had simply been correcting these codes.

To read the full Directory of Social Change article click here.

Source: The Directory of Social Change


Page 1 of 15123...Last