How to get started with intentional AI implementation
View Video
Subscribe to our Youtube Channel here
Listen to Podcast
In part 1, Nura and Carolyn dig into what AI literacy means and how to get started having the conversations about AI implementation and policy. In part 2, they take a closer look at what belongs in a nonprofit AI policy, who needs to be at the decision-making table, and how to make governance stick in day-to-day operations rather than just on paper.
Like podcasts? Find our full archive here or anywhere you listen to podcasts: search Community IT Innovators Nonprofit Technology Topics on Apple, Spotify, Google, Stitcher, Pandora, and more. Or ask your smart speaker.
Download the slides as a PDF (4 MB)
Nura Aboki is a Senior Consultant at Community IT and has been assisting multiple clients with implementing AI tools and processes over the past year. His nonprofit AI governance tips are based on real experience. He shares brief case studies and give tips on best practices he has seen. He also shares advice on how to prioritize governance at the leadership level and valuable approaches that nonprofits are taking in AI implementation.
Webinar: Nonprofit AI Governance Tips
While there is no one-size-fits-all approach to nonprofit AI, Community IT has been learning from our clients and from their various implementation efforts some basic best practices that work in nonprofit AI governance, and we will share these tips and resources in this webinar.
Join Community IT Senior Consultant Nura Aboki in a webinar on Nonprofit AI Governance Tips. Whether you or your nonprofit organization are AI skeptics or evangelists, the need for a focus on governance is becoming obvious across implementation stories over the past year.
People in your nonprofit are already using AI. As Community IT noted recently, the risk is not AI adoption. The risk is unmanaged AI adoption.
But as a nonprofit leader or IT leader or staff member at a nonprofit, where do you start implementing governance? How do you make it a priority? How can deliberate governance and policy making help when implementation is proceeding at such a breakneck pace and the tools themselves are changing rapidly?
Nura shares several brief case studies of AI implementation he has assisted in, and helps you manage the fire hose of AI advice coming at you into actionable and immediate steps for building a policy that reflects your organizations needs and values and can accommodate rapid change.
The session included time for a dedicated Q&A. Registrants were invited to submit specific questions regarding AI governance at registration.
As with all our webinars, this presentation is appropriate for an audience of varied IT experience.
Community IT is proudly vendor-agnostic, and our webinars cover a range of topics and discussions. Webinars are never a sales pitch, always a way to share our knowledge with our community.
Resources Mentioned in the Webinar
AI Acceptable Use Policy Template — Community IT Innovators
AI Literacy and the Workforce — U.S. Department of Labor
Digital Skills Center — TechSoup
AI for Nonprofits Certificate — NTEN
Mission-Aligned AI Adoption Model — Community IT Innovators
No AI Use Policy? What to Do — Candid
Dell and Board.dev Insights Report on Nonprofit AI Adoption
Community IT AI Resource Library — communityit.com/ai-artificial-intelligence/
Community IT Governance Resource Library — communityit.com/governance/
TAG AI Framework — Technology Association of Grantmakers
AI Literacy and the Future of Work — U.S. Department of Labor
No AI Use Policy? What to Do — Candid
We Did the Math on AI’s Energy Footprint — MIT Technology Review
Securing Google Workspace for Nonprofits Webinar — Community IT Innovators
Presenters:
Nuradeen Aboki is a Senior Consultant at Community IT. In that role, he proactively oversees technology infrastructure for select clients, providing strategic IT advice, recommending IT solutions and solution design to meet business objectives, and then overseeing solution implementations. Nura provides leadership and guidance for strategic planning and solutions architecting with clients who have sophisticated technical and business requirements. He gathers core business, technical and IT service management requirements through a variety of activities including key stakeholder interviews, document review and technical assessments.
Nura started his career at Community IT as a Network Administrator. In 2012, he was promoted to Network Engineer and assumed a supervisory role in IT service operations, then became an IT Business Manager, where he has guided some of our largest clients through complex implementation of effective technology investments and utilizing efficient IT services in direct support of their missions. He has a lot of experience in helping nonprofits discover nonprofit IT essentials for challenging times, and is our resident expert on the value of governance and IT policies, and how to craft them.
Prior to joining Community IT Innovators, Nura served as a member of the technical support team at George Washington University and held a Network Specialist role at the Economic Community of West African States (ECOWAS) Parliament in Abuja, Nigeria. Nura holds a Bachelor of Science in Computer Engineering and Master of Science in Electrical Engineering, both from George Washington University.
Carolyn Woodard is currently head of Marketing and Outreach at Community IT Innovators. She has served many roles at Community IT, from client to project manager to marketing. With over twenty years of experience in the nonprofit world, including as a nonprofit technology project manager and Director of IT at both large and small organizations, Carolyn knows the frustrations and delights of working with technology professionals, accidental techies, executives, and staff to deliver your organization’s mission and keep your IT infrastructure operating. She has a master’s degree in Nonprofit Management from Johns Hopkins University and received her undergraduate degree in English Literature from Williams College. She was happy to moderate this webinar and learn more nonprofit AI governance tips from Nura Aboki.
Transcript
Carolyn Woodard: Welcome to the Community IT Innovators webinar on nonprofit AI governance tips. We’ve been doing a lot of webinars and blog posts around AI, and we have a new nonprofit AI podcast that comes out on Tuesdays covering news and resources for nonprofits.
A recent study found that 80% of nonprofits are using AI without any governance policies at all. That’s unmanaged adoption, and it leads to lots of risks — it leads to everyone in your nonprofit heading off in different directions when they’re using AI. So I’m really excited today to talk to our senior consultant, Nura Aboki, who has been assisting our clients in implementing AI for over a year now. A lot of the content about AI at nonprofits can be kind of theoretical or strategic, but today we’re going to get a chance to hear from him about real-life nonprofits and the decisions they’re making around AI tools and adoption.
My name is Carolyn Woodard. I’m the outreach director for Community IT. I’ll be the moderator today.
Learning Objectives
I’m very happy to hear from our expert, but first I want to go over our learning objectives. Today we want to focus on these themes: what do you need to know about AI implementation? What is AI literacy? What is AI governance? What are good models to follow for decision making and policy making? What are AI risks? And what are some emerging best practices from case studies?
And now I’d like to let Nura introduce himself.
Nura Aboki: Thank you so much, Carolyn. Hello, everyone. I’m Nura Aboki. I’m excited to be here. As Carolyn mentioned, I’ve been helping nonprofits explore and adopt AI tools over the past year or so. I really look forward to sharing practical stories and tips from those experiences. And I’m eager to answer your questions as we go through today.
Carolyn Woodard: We’re going to try to leave some time for questions. I have to tell you at the outset, we were just going over our slides and we packed a lot in. So we may have to go over some of the slides fairly quickly. They will all be on our website. We’ll have the transcript, and I’ll include all of the links that we share and resources on our website as well, communityIT.com. So don’t worry if something kind of flies by. But if you have questions at any time, go ahead and put them in the chat or in the Q&A.
Community IT Background
Before we get started, if you’re not familiar with Community IT, I’m going to tell you a little bit more about us. We’re a 100% employee-owned managed services provider. We provide outsourced IT support exclusively to nonprofit organizations. Our mission is to help nonprofits accomplish their missions through the effective use of technology. We’re big fans of what well-managed IT can do for your nonprofit.
We serve nonprofits across the United States, and we’ve been doing this for 25 years. We are technology experts and are consistently recognized with the MSP 501 designation as a top MSP, which is an honor we received again in 2025. And we believe we’re the only MSP on that list serving nonprofits exclusively.
I want to remind everyone that for these presentations, Community IT is vendor agnostic. We only make recommendations to our clients based on their specific business needs. We never try to get a client into a product because we get an incentive or a benefit from it. We do consider ourselves a best-of-breed IT provider. It’s our job to know the landscape, what tools are available, reputable, and widely used. And we make recommendations on that basis for our clients based on their business needs, priorities, and budget.
As I said, we’re going to leave as much time as we can for Q&A, but I don’t expect it to be very much time. You can submit your questions through the chat or Q&A feature at any time today. And of course, you can always join us there and ask questions, and we check that regularly so we will be able to answer them later too.
A little bit more about us: our mission is to create value for the nonprofit sector through well-managed IT. And we also identify four key values as employee owners that define our company: trust, knowledge, service, and balance. We seek to always treat people with respect and fairness, to empower our staff, clients, and sector to understand and use technology effectively, to be helpful with our talents, and we recognize that the health of our communities is vital to our well-being and that work is only a part of our lives.
Poll Results: Where Are Nonprofits on AI Governance?
Carolyn Woodard: So now I’m going to launch our first poll. The question is: do you have AI policies? The answers you can choose are: I don’t think so (there’s no shame — you’ve come to the right place); we are in the process of creating policies; yes, our organization has created an AI acceptable use policy; yes, and our staff understand our policy and are using it every day; and not really applicable, if you’ve joined our webinar and you aren’t at a nonprofit.
Nura, can you read the results?
Nura Aboki: Yeah, quite interesting here. I’m really impressed by what I’m seeing. About 21% said they don’t have an AI policy. We expected that several nonprofit organizations would not have one.
But what I’m really impressed by is that 53% actually said they are in the process of creating one. That’s quite impressive to see. Hopefully some of the tips we share today will help in that endeavor. And then about 15% already have an AI acceptable use policy, and about 6% have an acceptable use policy and staff know about it.
So quite impressive. That’s ideal. But don’t worry: wherever you are on this spectrum, our content should be useful to you. We’re going to start by laying out some of the foundational principles about AI and nonprofits, and then we’ll be able to give you additional context whether you’re a beginner or already advanced.
Carolyn Woodard: That was really interesting. Congratulations, as Nura said, to everyone who is working on it. And if you haven’t started yet, we’re hoping this will give you somewhere to start from. Thanks for coming, because clearly it’s important.
AI at Nonprofits Basic Approach
This slide we actually shared in January in our Technology for Nonprofits roundtable, and I just wanted to share it here because that feels like 100 years ago in AI terms. But these are some of our talking points and what we stand by: match your tools to your needs, beware of freemium tools where you aren’t paying for a license and don’t have a business relationship with that vendor, make sure the human is the last editor (you’ll hear that called “human in the loop” when they’re talking about AI), have a policy, keep training, and keep talking about it. AI is being added to tools you already use, so you need to take that into account. And just take training seriously and upskill yourself and your staff.
This slide kind of illustrates that AI tools are changing really quickly. But there are some emerging truths: the underlying principles of how you use AI are not changing as rapidly as the tools are changing. So having a strong IT foundation allows you to adopt new tools well.
AI is a new tool. It’s very disruptive, it’s changing our work and our sector, but it is a tool. And our past experiences with tool transformations can help you here too. For example, when a lot of nonprofits moved to the cloud, that was a similar time where everything was changing. Having a good foundation, having policies, and really being transparent about it are all very important when a new tool is coming in so quickly.
I want to share a couple of resources with you quickly. I’ll share the link in the chat. This is from a Department of Labor publication about AI literacy and how it is changing the workforce. I found it very helpful. It’s a short PDF document you can find online. It has probably four or five pages about each of these points. I’m not going to go into depth on any of them now. They have a free download with excellent ideas on training and hiring for AI literacy in general.
They start with what AI literacy entails: understanding what AI is, exploring the use, directing the AI effectively, evaluating AI outputs, and using it responsibly with ethics in mind. And on the flip side, also part of this document, they have their effective delivery principles of AI literacy, basically covering how you go through training with your staff.
I’m also going to share in the chat some resources around AI literacy that are specific to nonprofits. TechSoup has some courses, NTEN has a certification, there’s the Human Stack, NetHope. You can also search Microsoft, Google, and Anthropic for free AI training for nonprofits. If you’ve updated a tool or platform you already use and notice there’s a new AI feature, like a little icon or a helper chatbot, you can usually access that tool’s knowledge base to learn more about how to use the AI within it. For example, your CRM, Zoom, MailChimp, and Google Analytics are all introducing AI tools that can help you.
I also wanted to share a link to an article from our president and COO, Johanny Torco, where she did a really good analysis of a mission-aligned AI adoption model. It’s a free download on our site, and I’ve shared it in the chat. It’ll be in the transcript. I think we can say at this point that 100% of nonprofits have staff using AI tools. But as I said earlier, a recent survey from TechSoup and Candid found that only 20% of nonprofits have an AI policy. I’ll share that article with you as well if you haven’t seen it already.
And now I want to turn it over to Nura for our first case study. Nura, you’ve talked about some organizations you worked with on AI implementation. Can you give us a little bit of how they went about it?
Case Studies: Starting with the “Why”
Nura Aboki: Yeah, thank you, Carolyn. I’d like to share two real-world scenarios. What nonprofit organizations need to consider at the start of AI adoption has to do with AI policy and governance.
The first scenario: a nonprofit executive suddenly realized staff were using AI tools without any policy, which is pretty commonplace these days, and said, “We need a policy now.” People were already experimenting with AI and there was no guidance. So when leadership stepped in with an urgent mandate, staff were uneasy. Those who hadn’t used AI were asking: why do we need this tool? What’s the plan? Why should we trust these tools?
Leadership quickly saw they needed to provide clear strategic rationale, essentially answering the staff’s question of “why” before an AI rollout could succeed. So they took a pause to define how AI aligned with their goals and what guardrails would be used to keep them safe, and only then resumed implementation.
This “asking of why” is very important. Even if leadership says you need a policy, it’s essential for leaders, stakeholders, and organizations to clearly understand why they need these tools and why they need a policy to govern their use. If that’s not clearly understood, you won’t have buy-in, and you won’t have a solid strategy for how to use AI tools.
I want to add a second example. A nonprofit organization whose mission is environmental sustainability was initially hesitant about AI. You can imagine: staff were worried. “Our mission is to protect the environment. So why are we considering using AI?” Because we read about how much energy and resources AI uses, which seemed to contradict their mission.
There was an internal debate: can we justify using AI if our mission is to protect the environment? Ultimately, they reached a consensus that AI could help them in ways that justified the environmental cost. For example, automating tasks so staff could focus more on mission-critical work. They also committed to using greener AI options where possible.
This open values discussion was essential, because otherwise staff would just feel a sense of guilt. Once everybody was comfortable and understood the reasoning, there was mission alignment around why and how AI could actually be used responsibly. And they proceeded to set out a policy and train staff on how to use AI. The key takeaway there: before implementing AI at your nonprofit, address the fundamental “why” and “how” questions internally.
Poll Results: Biggest Barriers to AI Governance
Carolyn Woodard: That’s a perfect segue into our second poll: the biggest barriers to AI governance.
The question is: what is the biggest barrier at your nonprofit to AI governance? Your options are: one, leadership challenges (which could cover a broad range of things, from a leader who’s too excited and moving too fast for the rest of the staff, to leaders who are reluctant while their staff are excited, to just finding the time); two, don’t know where to start; three, started but stalled because we lack time and capacity; four, we’re using so many AI tools already and we haven’t needed governance so far (a little tongue-in-cheek, since everyone needs governance, but it can feel that way); five, something else. If you feel comfortable sharing, we’d love to hear it. And the last option is not applicable. Nura, can you read the results?
Nura Aboki: Yeah, I can see that about 3% cited leadership challenges as a barrier. But 36% say they don’t know where to start. And about 33% said they’ve started but stalled because they lack time or capacity. We totally understand, especially for small nonprofit organizations where capacity can be a real challenge. The others said not applicable. There weren’t any results for “we’re using so many tools already and we haven’t needed governance so far.”
Carolyn Woodard: It can happen, as I said, but congratulations to everyone here. It makes sense that you’re in a webinar about governance because you think governance is important.
There were some really interesting things that came in under “other,” so I’m just going to quickly shout those out and thank you for using that feature.
“One of the biggest problems is that the genie is out of the bottle, and controlling what tools people are using is proving challenging” — the challenge of shadow AI.
“Overwhelmed with AI intrusion into everything, paired with knowing there are devastating consequences for communities and the planet, and good information about the real consequences is hard to come by.” I hear you, for sure.
“Most of our staff are ethically opposed to AI and don’t want to touch it.” A few people are interested in specific tools and instances. You’ve come to the right place — we’re seeing that a lot.
“Disparities in access to free versus paid AI tools across staff.” Definitely. It’s hard to say we should budget for licenses for everyone when a free version is right there.
“A big barrier is the reality that AI is impacting our communities so significantly, both the environmental impact and data centers threatening our desert region and resources. It’s difficult to navigate a use policy when so much goes against our core values.” We definitely hear you. That is something we’re hearing a lot from nonprofits. You’re not alone in feeling that.
Thank you, everyone who shared with us. I really appreciate it. We’re going to move on. Nura, you have more to talk about from the many organizations you’ve worked with over the past year. Some clear best practices are starting to emerge. I’d love to hear more.
Best Practices for AI Implementation
Nura Aboki: Now we’ll start with some best practices for implementing AI. These steps will address many of the barriers you’ve identified.
The first is starting with a clear communication and change management plan. Before anything else, get your team on the same page. You need to explain that you’re exploring AI and how it could help your mission, so that those “why” questions are clearly communicated. Address the fears upfront so everyone is at least open-minded about AI.
The second is taking a structured, intentional approach. Treat AI adoption like any other major project, because this is really making a difference. Have a methodology and approach that is intentional. Bring in key stakeholders early, plan the phases, and do not just flip a switch overnight, because that’s what leads to shadow AI. Quick adoption might be tempting, but intentional planning prevents problems down the line.
The third is appointing an AI owner: identifying someone who can be a champion and manage the AI tool internally. You may argue that you’re a small nonprofit and can’t have a specialist. But AI is widely used, and if you understand how important it is for your mission, then identifying an owner will be quite useful. It might be one person or any staff member who is passionate and knowledgeable about AI, or willing to learn. They’ll be the go-to person for how the tools work, their settings and preferences. You have a ready human answer, not a curated Google result, but someone who has experienced it and can be trusted to provide guidance. Appointing that owner is highly valuable.
The fourth is deciding on metrics, guardrails, and running a pilot. Define what success looks like, whether that’s improving accuracy or saving staff time. Set boundaries, like “do not enter personally identifiable information into the AI.” Then run a pilot project: let a small group of staff use the tool within the guardrails you’ve defined and get feedback, rather than opening it up to the entire organization. Start small. Feedback is important for iterating and making sure the experience ultimately has value for your organization.
The fifth is doing your due diligence. While the pilot runs, evaluate multiple tools with transparent criteria, because the tools are evolving quickly. When generative AI first appeared, there was one big popular tool. Now there are many others, and it may be Claude or something else tomorrow. Evaluate the variety available and consider features, cost, data security, and vendor reliability. What if the vendor closes? That’s a real risk.
Involve leadership in weighing those options and risks, and when you pick a tool, document the decision. Document why, and it helps everyone trust the choice that’s been made. You may not necessarily land on one tool; it could be a variety of tools that are useful to your organization.
Then move on to providing basic training for all staff on the chosen tool. Once you have that tool, train your staff on how to use it, or at least how staff will be affected by it. That will cover both how to use it and the rules for using it, which is the policy you set around AI use. Then give people time to practice on their own to encourage experimentation within safe bounds, because those guardrails in your policy will give people a sense of their limits.
Lastly, we are encouraging nonprofit organizations to have a second training. It’s not just one training on the basics; you want to look at how to harness the potential of AI by focusing on collaboration and sharing lessons. After folks have some experience, bring it back together for a deeper session on using AI tools within a team workflow or organizational workflow.
This is where you’ll see real adoption and the biggest benefits: when people learn from each other’s use cases and integrate AI into everyday processes. By following these steps — communication, planning, piloting, due diligence, and training — you weave governance into the actual implementation. It ensures everyone is involved, risks are managed, and your AI adoption is aligned with your mission from the start.
Carolyn Woodard: I want to briefly acknowledge the great conversation going on in chat around the ethics of using AI at all. Great comments.
I think there are some emerging consortiums in philanthropy and the nonprofit sector around using AI for the good of the planet and people, versus the for-profit bent of AI right now, and that’s something that philanthropy can really speak to. That’s a bit of a separate conversation, but I just wanted to acknowledge it, and there are some resources out there I’m going to try to pull up and share.
What is AI Governance?
I wanted to move on to what is AI governance, just to make sure we’re level-setting here.
These are all questions your organization needs to wrestle with: who decides what your AI policy is? Is it a leader? Is it an all-staff decision? Who decides what tools get used? You may want something very specific, like a list of approved tools only, or you might want something more flexible for different teams with different tasks — more around principles, like “this is how we choose a tool.”
Who purchases or owns the tools? Who decides on AI access to files? How do you monitor risks? Who is responsible when something goes wrong? How does your policy stay current? How often do you revisit it? How does your staff know what the policy is? We had that question in our poll about having a policy that staff are using and know where to find.
These aren’t prescriptive answers. These are questions you need to take back to your organization and sit with. How do you make these decisions?
And along with those decisions come some AI risks that nonprofits should know about. Data privacy: what is shared, what’s accessible. As we said earlier, it’s hard to justify a paid license when a free version is right there, but that free version carries a lot of risk when you’re uploading documents or making queries.
Cybersecurity vulnerabilities may increase because you’re using AI, or because hackers are using AI and have more access to what you’re doing. Shadow AI: staff using a whole bunch of different tools brings risk.
Bias and equity issues: which tools you’re using, how they were trained, whether they’re harming or enabling the communities you care about. These are questions that really speak to your values as a nonprofit.
Vendor commitment and tool churn: what’s your investment? How would you migrate if you change your mind? What if that vendor goes out of business? We’re in the middle of a bubble right now, with a lot of consolidation and market forces going on. You might commit to a tool and six months later it goes belly up.
Staff confusion and distrust: staff who have different ideas about what your AI policy should be or what tools you should be using. Reputational risk from AI-generated errors. And legal risks: as someone put it, we say “human in the loop,” but it might really be “human in the jail,” because the AI isn’t going to be held responsible if something goes wrong with your AI. The human who approved it or used it is.
Nura, I wanted to ask you quickly about that vendor commitment issue. Can you talk a little more about that and how to think about it?
Nura Aboki: Yes, absolutely. I recently saw a nonprofit start with one tool, say Microsoft 365 Copilot, then decide they liked ChatGPT better, and then switch again to a newer model like Claude, which better met their needs. This kind of tool churn is happening a lot. It means that as a nonprofit, you’ll want to plan for the possibility of switching tools or the vendor changing their product, and consider the training and change management needed each time you switch, so staff aren’t confused. It’s important to track these changes and ensure decisions are made effectively. Otherwise, you risk your staff going rogue with their own preferred tools — more shadow IT or shadow AI, as it’s called.
What Should a Good AI Policy Cover?
Carolyn Woodard: This slide is a quick guideline of what a good AI policy should cover. I’m going to include the link in the chat to our acceptable use template on our website. That’s a free download you can use as a starting point.
The things a good AI policy should cover include acceptable use, data handling rules, and any compliance requirements you need to be aware of — like HIPAA, or if you work with sensitive communities or children, what data you’re allowed to use under your regular IT policy. Human review requirements are important too.
Vendor vetting could be its own webinar, because it is so opaque and difficult to find real information about what the different AI tool vendors — the big tech companies — are actually doing. Who is approving the new tools? Training expectations: what you’re expecting of your staff, what training you’re going to provide, and what training you want them to have as they’re using the new tools.
All of that can go in your policy. I would say your policy definitely needs to be something that is evolving as you’re evolving. It’s changing so fast that you need to be able to be flexible with it.
Nura, I think we’re going to talk a little bit about who is at the decision-making table and what formats can work for that.
Nura Aboki: Let’s talk about that. We strongly recommend a cross-functional team or committee that brings together various perspectives.
You’ll want leadership, certainly, because leadership support is essential for resource allocation and culture. You’ll also want to look at board member involvement or board oversight, especially on the risk and ethics side of things. This has been mentioned in the chat quite effectively. Strong board oversight will help address the ethics side of things. Getting your board on board, so to speak, is helpful for setting the tone and maintaining accountability.
Then your IT team or provider definitely needs to have a seat at the table. They understand the systems and security implications, so you have that IT advice in terms of implementation.
Legal, HR, and compliance roles are also important. When it comes to governance, since governance is all about policy and people, HR can ensure it’s integrated into training and hiring, and legal can flag compliance issues if you have any.
And more importantly, representation from the teams that will actually use AI — basically, everyone who’s going to use AI. The end user should have input to share concerns and practical needs. The more diverse the committee is, the better. You’ll catch more potential issues and gain more buy-in. In fact, research by TechSoup and BoardSource found that organizations where staff and board co-developed AI principles launched 12 times more pilots and scaled AI more effectively. Having the right people involved not only produces a smarter policy, it also builds trust.
Carolyn Woodard: I shared the link in the chat as well from board.dev, which is a great organization that helps develop nonprofit boards around technology. They did a really wonderful report on this. I’m going to keep moving us along.
Nura, you were going to share another case study with us about how individualized a policy might need to be.
Case Study: Governing AI-Assisted Content
Nura Aboki: Yes. This case study highlights a nonprofit that did a lot of things right by starting with governance in mind.
This organization produces a lot of public-facing content: reports, articles, newsletters. They wanted to leverage AI for initial writing and editing assistance. Right away, they realized this was a high-risk area, because anything inaccurate or off-brand could reach the public and harm their reputation.
So they set up a governance approach around writing with AI. They updated their writing style guides and standard operating procedures to incorporate AI. For instance, they gave staff guidelines on how to use AI to draft content that still sounded like the organization’s authentic voice. They required every AI-assisted draft to go through the normal editorial review process — human in the loop — ensuring that a person checks facts and tone.
They even did targeted training sessions on how to write with AI: how to prompt the tool in their specific style and how to edit its output to meet their standards.
As a result, they were able to speed up some writing tasks without losing the trust and consistency their audience expects. The key lesson here is that effective governance is specific to your nonprofit’s needs and values. Content quality and voice were paramount for them, so they made sure their AI policy and training honed in on that. And because they started early with those guardrails, their staff felt comfortable and confident using the tools.
Carolyn Woodard: Such a great example of how specialized your policy might need to be, and how you can identify higher-risk areas as a good place to start.
I wanted to give you a prompt for the chat: has your nonprofit had an AI-related problem or close call? Drop a yes or no and give some examples if you’d like.
Some examples we’ve seen: permissions sprawl, where permissions aren’t very locked down and suddenly AI is giving people access to documents they technically have permissions to, but that you didn’t realize they had access to.
Something due to implementation that wasn’t guided or intentional.
As Nura was saying, the organization in that case study didn’t have a close call, but they knew they’d want to make sure their AI-assisted publications still went through just as rigorous an editorial process.
We’re seeing in the chat that most people are saying “mercifully no, not yet.” Some examples coming in: generating AI stock pictures with misspelled words in slides (that happens). I had one that I put on our website and I still had the little prompt in there, and I didn’t realize it until the next day – I was like, oops, I put that in there. And: “No one’s showing up for meetings anymore because they all send their AI summary bots.” I love it.
Next Steps: Wherever You Are in the Process
Carolyn Woodard: We’re going to go pretty quickly through some of these last slides. Nura, we wanted to talk about where people are in the process and some next steps.
Nura Aboki: We know folks attending today are in different places with AI, so we want to provide next steps for three scenarios.
Starting from Scratch
If you’re just starting out, maybe you’re a skeptic or have no idea where to begin: the first thing you want to do is audit what tools staff are already using. There are cross-discovery tools that can be added to your computer systems, or you can ask staff directly which tools they’re using. You might be surprised how much AI is already being used under the radar. A quick survey or informal check can help you get that picture.
Then start with the leadership conversation. Bring AI up to your leadership team and board, share some of today’s insights, get support, and assign ownership.
Then leverage templates and resources. You can download our AI Acceptable Use Policy template. Downloading is step one, but really looking at what your organization needs and adapting it is where the work needs to happen internally. Even a simple draft can help move those discussions forward.
Building Policies
If you’re building out your AI approach — meaning you’ve already started using AI or are actively piloting it — you want to identify your governance leads. Form that cross-functional team we mentioned earlier and designate an AI owner to manage the initiative.
Then draft and adapt your AI acceptable use policy or governance policy in writing, covering data handling and oversight, and refine it as you learn more from the pilot.
Build in training. Start with staff training as you deploy the AI tool, and plan to review your progress regularly. Instead of a single annual review, consider quarterly or even monthly check-ins during implementation, because continuous improvement is key for these policies.
Need a Policy Reset
If you need a reset — if you’ve already had an AI mishap or things are feeling chaotic — don’t panic. Do an assessment. Figure out what’s happening: who is using what AI tools, what went wrong, and how bad it was. It’s important to understand the root cause calmly.
Then identify what happened and why. Was it a training gap, a policy vacuum, a misconfigured setting? Understanding the why will help you fix the issue.
Then reset your governance based on what you find. Tighten your policies accordingly and communicate changes clearly to your team. It might involve pausing some AI use until guardrails are in place, then relaunching with better oversight.
The overall message here is: wherever you are, take the next step. Even small steps – like drafting a one-page policy or asking your staff what they’re currently using – can significantly reduce risk and set you on the right path.
Making Governance Stick: Training, Communication, and Q&A
Carolyn Woodard: This slide is pretty packed, but I hope it’s helpful. It will all be on our website at communityit.com.
Some ideas for making it stick: as we’ve talked about today, governance isn’t a one-and-done. Your IT policies need regular review and updating – all of them, but especially your AI policy.
Staff training is definitely an ongoing issue for these types of tools. Update your onboarding, but also build in learning time with a cadence and style that fits your organization, and have regular reviews and check-ins with all staff to ensure the training is working for your people. People have such different learning styles. Some like to go off by themselves and just play with a tool. Others really need something more structured and want to learn together.
One thing I’ve been hearing a lot is that the more we learn AI together and become AI literate together, the more unified our voices in the philanthropy sector can be about what we want these tools to look like, how we want them to work, and what ethics and safeguards we want in place.
Don’t forget to build in checkpoints. Pilot a lot. Build multiple go/no-go points into your decision making for big AI decisions. And remember that your AI tools are also being implemented through a lot of little decisions right now. So just wrap your head around the whole issue of AI at nonprofits.
I’m going to share some additional resources in the chat, and they’ll also be in the transcript and on the website. Some are already on our website: we have an AI library, a governance library, and the nonprofit AI podcast on Tuesdays, where we talk a lot about some of the ethical and environmental issues that are coming up. There are some good frameworks there, and a literacy link to the Department of Labor article. I hope these are helpful.
I think we have just a minute or so for a question. We had a really good one at registration, so I hope it’s okay to share it.
Nura, how do we ensure AI governance frameworks don’t just exist on paper, but are actually implemented in day-to-day operations? You’ve probably seen the good, the bad, and the ugly around this. Can you share a couple of tips?
Nura Aboki: What I’ve seen work is leadership recognizing how important AI is to their mission and ensuring that stakeholders across all departments and teams have a continuous review and communication process around AI use in their organization.
Whether it’s having the governance policy published on the intranet or periodically bringing up progress and AI use in staff meetings, that has been effective. It’s new, and people are interested. A staff meeting is actually a good opportunity to share “here’s what we’re doing with AI,” so that those who are skeptical or haven’t been involved yet at least know that progress is being made and there’s governance around it. Leadership buy-in and regular communication are key.
Carolyn Woodard: It’s also important to have spaces where people can talk about it openly, where there’s a sense that we’re all in this together. People are in very different places on AI. They have strong opinions about the tools they love, what they’re using AI for, and whether they should be using it at all.
It’s important to have learning spaces where everybody is welcomed at whatever point they’re at, so you can talk about it transparently. That saves you from finding out later that someone was never on board, or that someone went off in their own direction and spent a lot of money on something that isn’t secure or doesn’t align with your values.
Creating that kind of open space where people can have questions and appreciate each other’s points of view is particularly important around AI.
Nura Aboki: Absolutely. That regular space, where people know they can have candid conversations without being judged about their position on AI, is really important.
Carolyn Woodard: We got one more question in the chat: what metrics have you found helpful when organizations are developing and measuring their AI governance? That’s a good question. It’s so early in the game.
Nura Aboki: We’re mostly in an experimental phase at the moment. But organizations can look at key metrics: is AI truly saving staff time, or are staff still mostly experimenting with these tools?
If you have defined goals, that’s one way to track how governance is working. Through the rollout process, you want to define why you’re using AI and what goals you want to achieve, and those goals will help you develop metrics to measure performance. Some goals could be automating workflow processes between teams, or developing a process for writing in a consistent, human-like way using AI. Goals really help you define what your metrics will ultimately be.
Carolyn Woodard: We have another question: how do you take into account the ethical and environmental impacts of AI in your recommendations? I know you’ve had organizations asking you about that. Do you have a quick answer? That’s like a whole webinar.
Nura Aboki: It really is a whole webinar.
But core values are very important, and we can’t dismiss that. A lot of people working in nonprofit organizations believe deeply in the mission and the cause. So having an understanding of the environmental impact – what’s real and what’s exaggerated – is needed in order to make a true judgment call. The true environmental cost of AI is often hidden and not very transparent. Getting that information is really critical to helping you decide whether using AI is worth it and whether it conflicts with your ethics.
Carolyn Woodard: Do you mind elaborating on the exaggerated impact?
Nura Aboki: Sure. When we think about energy use, the way it’s communicated to us is often: “When I write a prompt, I’m using X amount of energy.” But if we look at it holistically, that prompt isn’t just one person’s energy use. We want to understand how much the entire world’s AI use is truly impacting the environment as a whole.
They might say writing a long prompt consumes X amount of compute power. But as a whole, how much compute power are we actually using? Understanding those nuances helps you decide whether this conflicts with your ethics. There are real nuances when it comes to things like prompt engineering, for instance.
Carolyn Woodard: It’s complicated. What you’re taking into account matters: are you close to a coal-fired plant? Are you using renewable energy? Where in the country are you, where in the world are you? There are lots of complicating factors.
I can’t find it right now, but I’ll put it in the transcript: there was a really good ebook from MIT that came out estimating the total energy cost, and there are some other organizations working on water use issues as well. I’ll share that link when I can. I was looking for it just now and couldn’t find it quickly.
I wanted to go back over the learning objectives for today: what do you need to know about AI implementation? What is AI literacy? What is AI governance? What are good models to follow for decision making? What are some AI risks? And what are some emerging best practices from case studies?
Nura, I want to thank you because I think we covered all of this, even though we had to rush through some of it. We did touch on all of those things, and I hope we gave the audience something more to think about.
I wanted to invite everyone back next month. We’re doing another webinar that, well, AI will probably come into it, but it’s not about AI — because if you’re like me, everything is AI all the time.
We’re going to talk about Google Workspace, which a lot of nonprofits are using and administering themselves, especially smaller nonprofits and startups that set it up on their own. If you did that, you are in good company.
We’re seeing up to 50% of our new clients come to us with Google Workspace as they grow and realize they need a bit more help to manage it. We are one of the only MSPs with extensive experience in Google Workspace.
Our expert, Steve Longenecker, who is our director of IT Consulting, will be with us in June to talk about the differences between how Microsoft and Google Workspace set up security. Google Workspace can be very secure. There are things you can do as you grow that will keep you secure now and prepare you for the future, whether you stick with Google Workspace, grow to a larger staff, or use it in a hybrid setup with some Microsoft tools as well.
That webinar will be at 3 p.m. Eastern, noon Pacific on Wednesday, June 17th. I’ll share that link now. If you’re on Google Workspace and thinking about security, this can help you. You can also join us on Reddit at r/nonprofitITmanagement for more Q&A with Nura for about the next 30 minutes, or check in anytime — we’ll be checking back on that thread to answer more questions.
Nura, I want to thank you so much for joining us today and sharing all of this expertise and experience with our clients, large and small, and the different things they’re trying to do with AI and how they’re managing governance. Thank you so much.
Nura Aboki: Thank you for having me. It’s a pleasure.
Carolyn Woodard: And to everyone who joined us in the webinar, I really appreciate your time today. You spent an hour with us, which is an hour you could have spent doing something else. So we appreciate it. Hope this was helpful. It’s a huge topic.
We have lots of other AI resources on our website at communityit.com. I hope you can join us there or over on Reddit. We’ll be back next month with another webinar. You can find all of our past webinars and videos on our website as well.
Thank you so much for joining us today. Take care.
As advocates for using technology to work smarter, we’re practicing what we recommend. This transcript was drafted with the assistance of AI, and is not a verbatim transcript. The content was edited for clarity, and was reviewed, edited, and finalized by a human editor to ensure accuracy and relevance.
Photo by Ofspace LLC on Unsplash