Effective governance is essential for every Australian Not-for-Profit (NFP). This tool helps your board check its current practices in record-keeping, cyber security, and overall governance.
Our partner, BoardCloud, provides a modern online platform to help you meet these governance obligations easily.
Each question should be answered with one of three options:
You can use this checklist to:
Good record-keeping is fundamental to effective governance and ACNC obligations, demonstrating your charity is run as a not-for-profit, is in good financial health, makes the right decisions, and can meet reporting requirements.
1. Record-Keeping Policy: Does your charity have a clear, documented policy about what financial and operational records to keep, how they are kept securely, and who is responsible for them, accessible to all Responsible Persons?
2. Financial Records Management: Are your charity's financial records (e.g., invoices, banking records, contracts, employee salary details, asset lists, grant payments, tax documents) kept in an organised, readily accessible electronic format for board review and audit?
3. Operational Records Management: Are key operational records (e.g., governing documents, meeting minutes, reports, strategic plans, policies, contracts, media releases) stored in an organised, readily accessible electronic system for board review and historical reference?
4. Decision-Making Documentation: Do you have clear, retrievable records showing who made operational decisions and how they were made, for accountability and transparency?
5. Secure Sensitive Records: Does your charity have a procedure describing how sensitive records are kept securely, including clearly defined authorised access?
6. Electronic Record Backup: Are your electronic records, including those on cloud-based systems, regularly backed up at a secure site located separately from your primary computers?
7. 7-Year Retention: Does your record-keeping system ensure all required records (financial and operational) are retained for a minimum of seven years, as per ACNC obligations?
This section probes deeper into how your board operates, linking to the core ACNC Governance Standards and highlighting the benefits of structured board management.
1. Board Leadership Structure: Are your board's leadership structure and roles clearly defined (e.g., Chairperson, Treasurer), and does it comprise an appropriate number of members (typically three or more)?
2. Succession Planning for Leadership: Does your board have an effective succession plan for key leadership roles to ensure continuity of governance?
3. Regular Board Meetings: Does your board meet regularly (at least quarterly) to effectively carry out its oversight duties?
4. Governing Document Accessibility: Is your charity's governing document (e.g., constitution, rules, trust deed) readily accessible to all Responsible People via a central, digital repository?
5. Responsible Person Suitability: Do you have a systematic process to ensure all Responsible People (board members, trustees, committee members) are not disqualified from managing a corporation and are suitable for their roles?
6. Duties of Responsible People Awareness: Do all Responsible People have easy access to information about their legal duties (e.g., act with reasonable care and diligence, act honestly, disclose conflicts of interest) and is their understanding regularly reinforced?
7. Conflicts of Interest Management: Is there a clear process and register for Responsible People to declare and manage real or perceived conflicts of interest, with all declarations securely recorded and accessible to the board?
8. Financial Affairs Management: Does the board have good processes to prevent financial problems, manage money responsibly, and securely access financial statements for review and approval?
9. Board Meeting Efficiency: Are board meeting preparations, discussions, and follow-up actions streamlined through a digital platform, reducing reliance on manual processes and disparate tools?
10. Strategic Plan Review & Approval: Are all board members fully aware of your organisation's mission, vision, and values, and does the board regularly review and formally approve a strategic plan that guides its activities and growth?
11. Program Effectiveness Monitoring: Does your board consistently monitor and assess the effectiveness and impact of the organisation's programs and services in relation to its charitable purposes?
Cybersecurity is a critical governance responsibility. The board's role is to ensure the organisation is resilient to cyber threats, protecting its reputation, assets, and the trust of its beneficiaries and donors.
1. Comprehensive Risk Management Framework: Has your board established a documented risk management framework to identify, assess, and mitigate all significant organisational risks, including financial, operational, reputational, legal, and cyber risks?
2. General Legal Compliance: Beyond the ACNC Governance Standards, does your board ensure the charity adheres to all applicable Commonwealth, state, and territory laws, such as those related to tax, employment, fundraising, and work health and safety?
3. Board Level Cyber Risk Oversight: Does the board treat cybersecurity as a significant risk and receive regular reports on your charity's cyber risk posture and mitigation efforts?
4. Information Asset Register: Has your charity identified its key information assets (including sensitive board documents), where they are stored, and who has access, documented in an easily accessible register?
5. Secure Board Member Access: Are all board members required to use multi-factor authentication (MFA) and unique, strong passwords to access board-related digital systems and documents?
6. Secure Board Communication Channels: Are all board communications and document sharing conducted exclusively within secure, purpose-built platforms rather than relying on less secure methods like email?
7. Cyber Incident Response Plan (Board Role): Does the board have a clear understanding of, and has it approved, your charity's Cyber Incident Response Plan, which is securely stored and accessible to key personnel?
8. Regular Software Updates: Does your charity ensure its antivirus software and other relevant software and devices are regularly updated to protect against vulnerabilities?
Quantify your board's capabilities and abilities to deliver on its mandate.
1. Annual Board Performance Review: Does your board undertake an annual review of its own performance and effectiveness, implementing adjustments as required?
2. Stakeholder Communication: Does your board ensure effective and transparent communication with all key stakeholders, including members, donors, volunteers, and the wider community, regarding the charity's activities, funding, and outcomes?
Provide details to label your Assessment. This is 100% optional. Your report will be generated without you having to add your details.
Note that we will NEVER share your information.