Cyber security has become a leading cause for concern among managers at nonprofit organizations. Some 81 percent of 470 respondents ranked cyber security as among the top 10 risks in their organization, including 24 percent of those surveyed who ranked it in the top three.
In write-in responses not included in the final version of CohnReznick’s new 2015 Not-For-Profit Governance Survey, those respondents counted securing IT, managing and retaining data, ensuring privacy, managing system implementation, managing IT investments and upgrades, preventing and responding to computer fraud, managing vendors and service providers and leveraging new technologies as other primary concerns, according to Kelly Frank, a partner at CohnReznick, a New York City-based, national accounting firm.
“You can see they are all kind of under security,” Frank said. “They took it a step further and wrote it in exactly. They specified it a little bit better.”
Frank said that high-profile instances of hacking such as the wave of celebrity personal photos leaked on the web last year have organizations concerned about the security of their data.
Despite these concerns, CohnReznick noted in the report that just 11 percent of organizations represented had a risk or information technology committee of the board. Citing an Association of Certified Fraud Examiners 2014 report, CohnReznick stated that organizations that have implemented proactive data monitoring and analysis saw a 59.7 percent reduction in loss based on having the controls in place.
Conducted during an eight-week period this past spring, the second-annual survey was distributed via email to nonprofit industry professionals and board members across the country.
Of this year’s respondents, 58 percent represented organizations with annual revenues ranging from $1 million to $25 million, with 18 percent reporting on behalf of organizations that generated revenues of $25 to $50 million in 2014. Half of respondents reported revenue increases between less than 1 and 5 percent with 28 percent of organizations reporting increases of greater than 5 percent.
The accounting firm focused on nonprofit stewardship and risk management in this year’s survey. While 87 percent of the respondents reported that they had implemented key governance initiatives, about 40 percent claimed that they felt either “somewhat confident” or “not confident” in their practices.
Additionally, half of respondents reported that governance was a topic discussed at board meetings, with regulatory concerns being discussed by just 25 percent of respondents and risk management covered by just 20 percent of organizations’ boards.