A structured, independent assessment of how your charity uses technology and manages data — scored against the 7 principles of the Charity Digital Code of Practice.
Book a free callThe Digital Governance Review is a comprehensive assessment of how your charity uses technology, manages data, and handles digital risk. It covers your systems, processes, policies, and people — not just your IT setup.
Every review is structured around the Charity Digital Code of Practice — an established framework developed by the charity sector. This means your assessment is consistent, rigorous, and benchmarked against what the sector considers good practice.
The review typically takes 4–6 weeks from kickoff to final report. I'll interview key staff, review your systems and documentation, and assess your position against each of the 7 principles. The output is a scored assessment, a detailed findings document, and a set of prioritised recommendations — all in plain English.
Each principle is assessed individually, giving you a clear picture of where your charity is strong and where the gaps are.
How engaged are your board and senior team with digital? I assess whether technology is on the agenda at leadership level, whether there's a named digital lead, and whether decisions about technology are informed by evidence rather than assumption.
Are your digital services designed around the people you support? I look at how you gather feedback, whether your tools are accessible, and whether technology decisions are driven by user need or internal convenience.
How does your team approach technology and change? I assess whether staff feel supported to try new tools, whether there's resistance to change, and whether your organisation learns from what works and what doesn't.
Is digital embedded in your organisational plans? I look at whether you have a technology roadmap, whether digital spending is planned and justified, and whether your technology choices align with your strategic goals.
Does your team have the confidence and capability to use your technology effectively? I assess training provision, key person dependencies, and whether staff have the skills they need for the tools they're expected to use.
How do you handle cybersecurity, data protection, and responsible technology use? I review your policies, incident response readiness, access controls, data governance, and whether you're meeting your obligations under UK GDPR and the Data Protection Act 2018.
How well does your organisation respond to change? I look at whether you review and improve your technology regularly, whether you learn from incidents, and how resilient your systems are when things go wrong.
A clear dashboard showing how your charity performs against each of the 7 principles. Includes a priority matrix highlighting the areas that need attention first and a 6-month improvement roadmap.
Evidence-based findings with specific, actionable recommendations. Each recommendation is prioritised by urgency and impact, assigned a suggested owner, and placed on a realistic timeline. Written for senior leaders and trustees, not IT specialists.
Practical documents built around what the review uncovers — not generic downloads. Examples include incident response plans, records of processing activities (ROPA), data retention schedules, leavers checklists, and acceptable use policies.
A face-to-face or video call where I walk through the findings, answer questions, and help you prioritise next steps. I'm available for follow-up questions afterwards — you won't be left on your own with a document.
We have a no-obligation conversation about your charity, your concerns, and what you're hoping to achieve. I'll explain how the review works and we'll decide together whether it's the right fit. No preparation needed from your side.
I'll send you a clear scope document covering what's included, what's not, the fixed fee, and the timeline. You'll know exactly what you're getting before you commit. No surprises.
I'll interview key staff (typically 3–5 people), review your systems and documentation, and assess your position against each of the 7 principles. I work around your team's schedule — interviews usually take 30–45 minutes each.
You receive the full written report, then I walk through it with you in person or on a call. I'll explain the findings, answer questions, and help you plan next steps. I'm available for follow-up questions after the walkthrough.
£3,000 – £6,000
Fixed fee, agreed upfront
Most charities with £500k–£2m turnover come in at the lower end of the range.
No hidden costs. No ongoing commitment.
"The assessment was incredibly thorough. It pulled together things I knew were issues and things I didn't even know to look for. The report gave us a clear, prioritised roadmap and the templates alone would have taken us months to produce. I'd already started actioning recommendations before the walkthrough session. This is exactly the kind of support small charities need but rarely get access to."
Mona, Interim Director of Operations
Peer Power Youth
A CRM vendor is selling you their product. Their "assessment" will always conclude that you need their CRM. I don't sell software, implement systems, or take referral fees. The review looks at your whole technology and data landscape and gives you an honest, independent view of what's working, what isn't, and what to do about it.
No. The report is written in plain English for senior leaders, trustees, and operations staff — not IT specialists. If something technical needs to be referenced, it's explained clearly.
UK charities with an annual income between roughly £500k and £5m. At this size, you're typically big enough to have real technology pain points but not large enough to justify a full-time IT director. That's the sweet spot where an independent review delivers the most value.
Yes — and many charities do. The review identifies specific needs, quantifies risks, and provides a prioritised roadmap. This is exactly the kind of evidence funders look for. The report format is designed to be shareable with trustees and funders without modification.
The report and walkthrough are designed to be self-contained — your team should be able to work through the recommendations independently. If you want additional support with implementation, we can discuss that separately, but there's no expectation or pressure to do so.
I understand charities need to carry out due diligence before engaging external support.
Professional Indemnity
£1m cover
Public Liability
£1m cover
DBS Checked
Basic DBS
Data Handling
No data access or copying
Insurance certificates and documentation available on request. Full due diligence details →
Book a free, no-obligation call. We'll talk through your situation and decide together whether a review would be useful.
Book a free callOr email hello@techforcharities.com — I typically respond within 2 working days.