risk management

RFPs GOOD. Fixed Bids BAD.

It occurs to me that my signature rant these days is not clearly posted on my own blog. Let’s fix that! As I’ve mentioned before. Requests for Proposals (RFP’s) are controversial in the nonprofit sector. Vendors hate them. Nonprofits struggle with developing them. I’ve been on a multi-year mission to educate and encourage the community to rethink RFPs, as opposed to throwing them out. In particular, nonprofits need to break away from fixed bid requests when hiring web developers, programmers, and people who implement CRMs. Here’s why: Done correctly, RFP’s are an excellent practice. A good RFP informs potential vendors about the organization, their current… Read More »RFPs GOOD. Fixed Bids BAD.

How I Spent My 2015 Technology Initiative Grants Conference

I’m back from our (Legal Services Corporation) 15th annual technology conference, which ran from January 14th through the 16th  in San Antonio, Texas.  It was a good one this year, with a great location, good food, great people – nearly 300 of them, which is quite a record for us. There were plenty of amazing sessions, kicked off by a fascinating keynote on international access to justice web app partnerships. Slides and videos will be up soon on LSC’s website. But I did want to share the slides from my sessions, which all seemed to go very well.  I did three: Are You Agile I… Read More »How I Spent My 2015 Technology Initiative Grants Conference

Career Reflections: My Biggest Data Fail

This article was published on the NTEN Blog in February of 2014.  It originally appeared in the eBook “Collected Voices: Data-informed Nonprofits“. Peter Campbell of Legal Services Corporation shares his biggest data fail, and what he’d do differently now. This case study was originally published along with a dozen others in our free e-book, Collected Voices: Data-Informed Nonprofits. You can download the e-book here. Note: names and dates have been omitted to protect the innocent.  Years ago, I was hired at an organization that had a major database that everyone hated. My research revealed a case study in itself: how not to roll out a… Read More »Career Reflections: My Biggest Data Fail

How I Learned To Stop Worrying and Love The RFP

This article was originally posted on the NTEN Blog in January of 2014. Requests for Proposals (RFPs) seem like they belong in the world of bureaucratic paperwork instead of a lean, tech-savvy nonprofit. There’s a lot that can be said for an RFP when both sides understand how useful a tool an RFP can be – even to tech-savvy nonprofits. By Peter Campbell CIO, Legal Services Corporation Here’s a safe bet: preparing and/or receiving Requests for Proposals (RFPs) is not exactly your favorite thing. Too many RFPs seem like the type of anachronistic, bureaucratic paperwork more worthy of the company in Office Space than a lean, tech-savvy nonprofit. So… Read More »How I Learned To Stop Worrying and Love The RFP

Is It Time To Worry About Cybercrime?

This article was originally posted on the Idealware Blog in September of 2011. For the past decade, the bulk of unlawful web-based activities have been profit-motivated: phishing, spam, “Nigerian” money scams, and hacking to get credit cards. This year has seen a rise in politically motivated crimes, most widely exemplified by the loosely-knit group of hackers known as “Anonymous“.  Anonymous hackers attack the websites of organizations, be they government, corporate or otherwise that they deem to be repressive or unethical.  In addition to defacing the sites, they’ve also routinely exposed confidential user information, such as login names, passwords and addresses.  If we are now entering the age… Read More »Is It Time To Worry About Cybercrime?

The Softer Side Of Security

This article was first published on the NTEN Blog in April of 2010. As the technical staff at our nonprofits, we wrestle with all sorts of complex security concepts: firewalls, encryption, network address translation. But here are three quick questions: Would you spend $10,000 on a security system for your building, and then set the access code to “12345”? Would you set the administrative account name and password to your network to the same thing that five other companies in your building use? Would you allow an outside vendor to manage your network without sharing the passwords with you or anyone else at your organizations?… Read More »The Softer Side Of Security

Dealing with Domains – Part 2

Last week, we talked about domain registrar services and what to look for. In today’s followup, we’ll focus on how to transfer a domain and the accompanying security concerns, then talk a bit about registrars vis a vis hosting services.

Pop Quiz: PCI Compliance

The credit card industry is doing the right thing by consumers and enforcing proper security measures regarding the handling of credit card information. You might have heard about this – a number of the popular vendors of donor databases are recommending upgrades based on their compliance with these regulations. The “Payment Card Industry Data Security Standard”, commonly known as PCIDSS, is a set of guidelines for securely handling credit card information. The standard has been around for about four years, but early enforcement efforts focused on companies with a high volume of credit card transactions. Now that they’re all in compliance, they’ve set their sites on smaller businesses and nonprofits. So, what does this mean?

Compensating for Chaos

In 2000, after spending 15 years at corporate law firms, I made a personal choice to start working for organizations that promote social good by reducing poverty and protecting our planet. I understood that this career move would put some serious brakes on what was a fairly spiraling rise in compensation – my salary tripled from 1993 to 2000. And that was fine, because, as I see it, the privilege of being compensated for doing meaningful work is compensation in it’s own right.