At the end of last year, I hosted an AI Adoption Strategy webinar. When I asked the attendees from 30+ organisations how they were using AI now, only 7% had such policies in place, while 67% admitted they had scattered use of AI throughout the organisations.
So, out of 30 organisations, only 2 had relevant policies despite ChatGPT being available for over 2 years now.
Not for Profits are putting themselves at serious risk by not having the appropriate guardrails in place for their staff’s use of IT, including AI.
Further, the speed of IT change impacting both individuals and organisations hasn’t been this fast since probably the last 90s when the internet exploded with websites and new digital-first businesses and applications.
With this, government policy hasn’t kept up either and so organisations are rightfully putting their own guardrails in place, only… even they are not able to keep up.
Examples of the speed of IT Change
AI has obviously influenced this speed of change, and here are some of the examples that I have witnessed in the last 12 months from my experience working with Not for Profit clients:
- Out-of-date policies: New policies and new documents are published after going through various approval processes, only to be out of date within months.
- 3rd party partners’ use of AI: Vendors, third-party partners and other entities you work with are increasingly using AI with your data without transparency or your permission.
- Freedom of Information Requests for AI chat records: Recently, Australia’s national security chief was issued with an FOI request for AI chat records related to its use in speeches and communications.
- AI Browsers: Almost all major AI providers have turned on AI browsers in recent months, allowing the browser to see what you are working on when used, possibly breaking privacy policies.
- AI Note Takers: Those you see in meetings and now those you can’t see (like Granola.ai) are recording your conversations and potentially using them to train their models, breaking privacy rules again.
These new(ish) AI tools and issues above have become very apparent as risks in just the last few months – forcing changes to everything from policies to Non-Disclosure Agreements and Requests for Tenders (RFTs).
How do you keep up with this speed of IT change?
I subscribe to dozens of newsletters and periodicals and attend a ridiculous number of conferences and webinars to keep up with changes that could impact my Not for Profit clients. While it’s my role to sift through all this information, in reality, most of it is just noise with very little relevance.
So, how can you keep up with your limited time?
Here are some ideas:
- Monthly reporting from your MSP or internal IT team – While you may already get a simple report, ask them to add a few more items like:
- Add “What has changed with technology or IT risks since the last report?”
- If not already provided, add “What recommendations do you have to improve the IT operations or mitigate risks?”
- Designate a system Subject Matter Expert (SME) for every major application you have – Their job is to keep up to date with any vendor-introduced changes and regularly share that information with the rest of the team. Their regular meetings with the vendor should also include questions about what’s changing in the industry, not just their product.
- Attend vendor-hosted training sessions and conferences – most of the major software vendors have regular training, webinars and conferences. I highly recommend attending. Not only do you get up to date with the latest changes, but you can also meet other user organisations, which may be very valuable for fixing major issues and identifying trends.
- Invite a technology expert to your board meetings or strategic planning days – despite the heavy reliance on technology, few Not for Profits have technical board members. Therefore, it’s crucial to close the knowledge gap in other ways, and this can be a very affordable method.
Final Thoughts
The pace of change in technology means policies, contracts and practices are becoming outdated within months, and risks are emerging faster than most organisations can reasonably track.
Therefore, it’s crucial for every organisation to put simple but deliberate processes in place to keep pace with the speed of IT change.
I regularly help Not for Profits keep up to date with relevant technology trends and IT risks. Let me know if you need some help with this.
P.S. If you found this article helpful, you might want to read these too:
Tammy Ven Dange is a former charity CEO, Association President, Not for Profit Board Member and IT Executive. Today, she helps NFPs with strategic IT decisions, especially around investments and risk mitigation.
