12 technology do’s and don'ts for not-for-profit organizations
AICPA logo
AICPA logo
  • Home
Giant server room

12 technology do’s and don'ts for not-for-profit organizations

3 years ago · 2 min read

Technology is making headlines daily. And rightfully so. Change is coming at a rapid pace! With so much information to sort through, this can be a common source of overwhelm. Knowing what is relevant and what to focus on can be a challenge for organizations—especially not-for-profits, whose resources are often limited. To make sense of it all, NFPs need to understand the applicable legal and regulatory requirements, as well as marketplace technology trends.

Having effective technology requires an intentional investment of time and money. Before you invest in technology, take the time to evaluate your people, their experience, and your processes so that you understand your gaps and opportunities. Hardware, software, and technology best practices all require experienced staff. If the experience isn’t on the payroll, you may need to hire it out. It’s also important to understand that software is a tool that allows you to be more effective and efficient; it doesn’t fix a broken process. Build time into your workload to revisit operational processes periodically, especially when there is staff turnover and when you implement new accounting standards, tax regulations, and business plans.

Many organizations overlook strategy when talking about technology. You need a well-thought-out IT roadmap that aligns with the organization’s strategic plan. Of course, this IT plan will require resources that are allocated through the operating and capital budgets. Once it’s implemented, evaluate the IT plan’s effectiveness with metrics. For example, if your goal was to increase donor retention by 2%, did the hardware, software, IT systems, and IT processes help accomplish that goal? IT exists to help drive the business and should be assessed as such.

To keep it simple, remember these do’s and don’ts when it comes to IT.


  • Ignore IT needs and ideas or fail to transform IT staff from back-office staff to strategic partners.

  • Get caught without governing IT policies.

  • Neglect to train staff on using technology and the related risks.

  • Neglect to provide oversight of technology vendors or volunteers, especially when it comes to security.

  • Buy next-generation IT solutions without understanding the WHY behind them.

  • Buy any solutions without determining the organization’s functional requirements.


  • Invest in technology as a professional development area.

  • Perform annual penetration tests.

  • Clean up and maintain your data.

  • Get a handle on compliance, including contracts.

  • Have insurance.

  • Use mission, vision, and strategy as your filter in making IT-related decisions.

Not-for-profits don’t always have a dedicated IT department and/or the resources to upgrade hardware and software, but they often have a higher necessity to stay compliant. With the level of community support they receive, not-for-profits must protect their assets and data to retain the public’s trust.

Find additional resources covering technology and cybersecurity for not-for-profits in the AICPA Not-for-Profit Section’s Governance and Management Resource Library.

What did you think of this?

Every bit of feedback you provide will help us improve your experience

What did you think of this?

Every bit of feedback you provide will help us improve your experience

Mentioned in this article



Manage preferences

Related content