Skip to main content
FREE RESOURCE

Is your NFP's IT actually
protecting donors and beneficiaries?

Australian NFPs are attacked because they look soft, not because they look rich. The good news is the controls that matter most are also the cheapest to put in place. This audit walks you through them, scoped to a small NFP budget.

CHECKLIST · 8 PAGES · 10 MIN

Get the audit, sent to your inbox

Your email + business name. That's all. We send the PDF immediately and add you to Tech News Monthly (unsubscribe any time).

Download the audit

Instant access. No credit card, no phone call.

By downloading you agree to receive Tech News Monthly (monthly summary of cyber + IT news for Aus SMBs). Unsubscribe any time. See our privacy policy.

What's inside

  • Identity and access checks for donor CRM, M365 charity tier, and grant portals
  • Where donor and beneficiary data should live
  • Bank-detail and grant disbursement fraud defence
  • The three things every NFP should fix first

Format

8-page PDF · A4 · ~329 KB · readable on any device

IS THIS FOR YOU

Written for Australian NFP and community service executive officers and operations managers

You'll get value from this if

  • You run a small to mid Australian NFP and want a structured IT security review
  • You are eligible for Microsoft 365 Business Premium for charities and want to use it well
  • A funder asked about your cyber posture or data protection controls

This is not

  • Advice on grant compliance, ACNC reporting, or sector regulator requirements (NDIS, Aged Care)
  • A formal IT audit (that is the CIO Tech IT Audit, fixed scope, fixed fee)
  • A substitute for staff and volunteer training

Cyber Posture Snapshot

Your details 1 / 10

How exposed is your business?

Six quick questions, two short ones to tailor the result, and you'll see where your business stands. About two minutes. Plain English, no jargon.

We'll use your email to send a copy of your result. No spam, no pushy sales calls.

Question 1 of 9

When your team logs in to email and business apps, do they need a code from their phone as well as a password?

Question 2 of 9

If a ransomware attack locked all your files tomorrow, could you restore them from a backup?

Question 3 of 9

When Microsoft or Apple release a critical security update, how fast does it land on your computers?

Question 4 of 9

How many people in your business can install software or change system settings on any work computer?

Question 5 of 9

If a staff member got a fake invoice or "urgent" email pretending to be from you right now, what would happen?

Question 6 of 9

When a staff member leaves, when does their access to email, files, and apps actually get cut off?

Question 7 of 9

How many people work in your business?

Question 8 of 9

Who looks after your IT today?

Question 9 of 9

What sort of business are you?

Tailoring your result...

Hi there, here's where your business stands.

Your Cyber Posture
Critical gaps Critical
Notable exposure Notable
Mixed picture Mixed
On the right track On track

Notable exposure

Your two biggest gaps

  1. 1
  2. 2

Where this leaves you on Essential Eight

  • MFA Multi-factor authentication
  • Backups Regular backups
  • Patching Covers 2 of 8: Patch applications + Patch operating systems
  • Admin access Restrict administrative privileges

This snapshot covers 5 of the 8 Essential Eight controls. The full IT Maturity Assessment covers all 8, plus Microsoft 365 hardening, device management, and staff training.

What to do next

Primary CTA

Secondary CTA