Information security is a significant business issue that is only becoming more important as technologies advance and not-for-profits (NFPs) become more sophisticated in using them. Information security threats may be external, as in the case of data breaches or viruses, or internal, as a result of a failure in the design or implementation of IT systems or misuse of data by employees. To protect your organization, consider implementing the following internal controls.
This list includes common controls that are typically