M+A Partners HomeBlogCyber Security for Charities

Charities, like any other business or organisation, are at risk from cybercrime.

Having a recognisable, online presence is now customary for most charities. A website is an effective way to raise awareness of a charity’s work and fundraising campaigns. However, an established online identity can present an element of risk, as fraudsters have been known to assume the image and reputation of a charity to create unlawful fundraising sites.

The Fraud Advisory Panel and the Charity Commission have collaborated to create the Preventing Charity Fraud website to help charities take steps to understand the risks their organisation faces from cybercrime.

Assessing security controls

Resources available within the Preventing Charity Fraud site include a Fraud Risk Assessment template, helping charities to identify the threats they may encounter and to actively consider the controls they have in place to mitigate these. It is important for any organisation, no matter their size, to think about the possible limitations of their security measures and how fraudsters may exploit weaknesses or find ways to circumnavigate their controls.

Educating to safeguard your assets

The National Cyber Security Centre (NCSC) offers training for small organisations and charities – their package is free to use and covers five key areas.

  1. Backing up your organisation’s data correctly.
  2. Protecting your organisation against malware.
  3. Keeping the devices used by your employees secure.
  4. The importance of creating strong passwords.
  5. Defending your organisation against phishing.

Educating employees on the risks of cybercrime is one of the most important steps in protecting your organisation. The NCSC cyber security training can be accessed here.

It is sometimes the case that there are simply not the resources to have rigorous cyber security policies in place within a charity. Therefore, educating employees on the common threats can be a very effective frontline defence. NCSC also offer a 30 minute Staying Safe Online: Top Tips for Staff course – reiterating the basic steps that can be taken to keep your organisation secure.

Written by

Frank Shippam
Partner
BIO
Frank joined M+A Partners at the beginning of March 2008 having previously been an Audit Manager at PKF in Norfolk and Moore Stephens in Jersey.

Frank has over 20 years' experience of managing audits across a wide range of sectors and advising clients on technical financial reporting issues. “Whilst ensuring all compliance issues are addressed, we invest in getting to understand our clients to deliver advice that is practical and relevant to them.”

Frank has an ICAEW Diploma in Charity Accounting and considerable experience of advising not-for-profit organisations on technical and strategic issues. He has managed the audits of entities in the education sector, including Academies, and advised schools on their internal controls and procedures.

Frank is also a primary school governor and a trustee of the charity Break.
EXPERTISE
  • Accounting Services
  • Audit and Assurance
CONTACT