The Technology Affinity Group (TAG) conducted a survey earlier this year to give us all a better understanding of the technology environment, practices and perceptions of its member organizations and their peers throughout North America. Nearly 200 foundations responded to the 33 questions over the course of 6 weeks. Their input provides valuable insight into the current state of technology in philanthropy.
While the survey built upon past surveys which focused on IT tools, management and security, this year it also included questions on some new topics. Diversity, equity and inclusion (DEI) training and programs, as well as the integration between IT and program teams were new areas of focus.
I will highlight some of the key findings in the survey, but you can read the public summary report (published on November 8, 2018) for yourself, here. And if you are a TAG member and really want to get down into the nitty-gritty data, that is also accessible via the above link.
Perception, Support and Integration of IT
60% of respondents to the TAG survey say that they believe IT is perceived as a strategic partner or leader in their organizations, although community foundations see this to a lesser degree than private or family foundations. (On the other hand, 80% of community foundations do perceive a high degree of support from their executives.)
The mean ratio of non-IT to IT staff among all survey respondents is 17:1, although community foundations have a higher ratio of 21:1.
While a small number of IT staff are included in program strategy (19%), an even smaller number (only 10%) say they are involved in any grant-making decisions.
The outsourcing of IT services among philanthropic organizations continues an upward trend, with 48% now reporting that they fully outsource their email services, and 67% outsource all network administration and WAN services.
In a nutshell: The majority of IT staffers at foundations feel they are treated with value, whether as strategic partners or leaders, or that their work is at least strongly supported by executives. On the other hand, it appears from the results they may be under-utilized in the areas of program strategy and grant-making decisions (or at least with respect to grant-making operations and tools).
Diversity, Equity and Inclusion (DEI) in IT Departments
Questions in the TAG survey about diversity and inclusion were divided into two areas:
- Programs in place
- Training available.
Programs in question included recruitment of diverse candidates, development of a pipeline of diverse leaders, and targeted development opportunities for diverse employees. Training questions focused on embracing differences in the workplace, overcoming unconscious bias, and teaching leaders how to manage diverse populations.
As it turns out, while the conversation on DEI may be underway in foundations as a whole, 51% of respondents said their IT departments do not have any DEI programs in place. And 40% of IT departments are not offered any type of DEI training. Nonetheless, 70% of respondents did not see diversity as a barrier to progression within their organization.
To boil it all down: While DEI programs and training seem to be in place in foundations as a whole, a slight majority of IT departments report not having any programs in place, and many are not offered any type of training. Yet the majority of respondents do not see this as a barrier for opportunity.
Security Breaches & Practices
21% of respondents reported experiencing a security breach at their foundation in the past 2 years, with ransomware attacks being the largest single cause of all breaches, at 38%. In terms of security tools being utilized, all reported having basic firewall, email filtering and antivirus tools in place, but only the highest asset organization (those with over $1 billion) have widely adopted more advanced tools like intrusion detection, multi-factor authentication, and single sign-on.
Nonetheless, the primary factor in determining which organizations were more likely to be hacked was security awareness. Of respondents who did not report a breach when compared to those who did, more were likely to have a security awareness policy (60% to 40%) and to hold security awareness training (51% to 23%).
Summing it up: While a fifth of respondents reported being hacked (and the majority of those hacks having involved ransomware), it seems as though security training and awareness trumps security tools alone in terms of preventing attacks.
Tools & Technology
The use of specific grants management software tools seems to have stabilized but is slowly shifting with established providers sharing the market with newer options based on Salesforce. The TAG survey found that for constituent relationship management (CRM), the majority of organizations primarily use the existing functionality within their grants management system or Salesforce, or they simply do not use CRM at all. Also, while the choice of project management software appears to be quite varied, a full 34% do not use any project management software. Finally, cloud-based services for document sharing, collaboration and storage are commonly used, with 40% using Microsoft OneDrive and 34% using Dropbox. Also noteworthy is that for document storage alone, 37% report using Windows file server to some degree.
To make a long story short: Other than with the use of cloud services for collaboration and documentation, the foundations who responded to the TAG survey do not seem to be standardizing on a singular path of software when it comes to grants management, CRM or project management.
Wrapping it up
How does this align with what we’ve seen in our work with philanthropic organizations? Here are our thoughts.
- We’re not surprised to see increasing cloud adoption. This is a trend we’ve seen among for-profit as well as non-profit organizations.
- The lack of standardization in project management tools is not surprising. Different people want to do different things related to tasks, assignments and timing. Traditional project management software has a lot of capability, but that comes with a big learning curve before users can be effective. That’s why we’ve seen more focused solutions such as Asana, Planner, Basecamp and others.
- The shift in grant-making software is interesting. A few years ago, Fluxx was more for early adopters. Now, we’ve talked to a number of organizations that have adopted it. Grant-making organizations are increasingly looking for hosted or cloud-based solutions.
- It’s great to see that security awareness training seems to correlate with a reduction in successful hacking attempts. Don’t think, though, that awareness is all you need. Remember, the bad guys are constantly moving the goalposts!
- It’s great to see that IT organizations feel they’re perceived as strategic partners (see this).
- We would guess that we’re early in the cycle of promoting diversity, equity and inclusion initiatives. We would expect to more participation in these programs next year. IT has the benefit of a pragmatic approach—whatever will work—and adoption of a DEI outlook in hiring, training and promotion shouldn’t be hard to sell to this community.
As this blog is just a summary of a summary, I strongly encourage everyone to hit up the link in the first section and check out the actual report. There you will find more details about the TAG survey itself, more specific breakdowns of findings, and charts. And hopefully, your organization can take ideas and glean lessons from these findings to positively impact (and simultaneously protect) your future work.