Why Your Charity Needs a Digital Governance Review

| Tom Cain

Most charities know their technology isn't working as well as it should. Staff rely on workarounds. Data lives in spreadsheets that only one person understands. The CRM hasn't been properly maintained since the person who set it up left three years ago.

But knowing something feels wrong and understanding exactly what to fix — and in what order — are very different things.

The problem with piecemeal fixes

When charities try to address technology problems without a clear picture of how everything fits together, they tend to make one of two mistakes:

  • They buy new software — a new CRM, a new finance system, a new intranet — without understanding why the current tools aren't working. Often the problem isn't the tool itself, but how it's being used, who's responsible for it, or how data flows between systems.
  • They hire a consultant who sells implementation — and unsurprisingly, the recommendation is always to implement something. The assessment isn't independent because the assessor has a financial interest in the outcome.

Neither approach starts with the right question: how does technology actually serve this organisation, and where are the real gaps?

What a Digital Governance Review actually covers

A Digital Governance Review is structured around the Charity Digital Code of Practice — a framework developed by the sector, for the sector. It covers seven principles:

  1. Leadership — Does the board engage with digital and data as a strategic issue?
  2. Culture and skills — Do staff have the confidence and capability to use your systems effectively?
  3. Data — Do you know what data you hold, where it lives, and who can access it?
  4. Cyber security — Are you managing risk proportionately, or just hoping for the best?
  5. Integration — Do your systems talk to each other, or does your team spend hours on manual data entry?
  6. Adaptability — Could your technology cope if a key person left, or if you needed to scale quickly?
  7. Sustainability — Are you investing appropriately, or storing up technical debt?

Each area is scored, so you get a clear, comparable picture of where you stand — not just a vague sense that things could be better.

Who it's for

The review is designed for UK charities with an annual income between roughly £500k and £5m. At this size, you're typically big enough to have real technology pain points — multiple systems, data protection obligations, remote working needs — but not large enough to justify a full-time IT director or CTO.

If you're a CEO, COO, or trustee who suspects your charity's technology isn't serving you as well as it should, but you're not sure where to start, this is designed for you.

What you get

The output is a written report — plain English, no jargon — with:

  • A scored assessment against all seven principles
  • Specific findings from interviews and system review
  • Prioritised recommendations you can act on immediately
  • Ready-to-use templates for policies you might be missing
  • A face-to-face walkthrough to discuss the findings

The report is yours. Use it to brief your IT support, make a case to trustees, or support a grant application. There's no lock-in and no expectation of follow-on work.

Getting started

If this sounds like it might be useful, get in touch or book a free 30-minute call to talk it through. No pitch, no pressure — just a conversation about whether a review would be worthwhile for your organisation.