SEARCH

Category Archives: Nonprofit Security

Webinar: Emergency Preparedness Resources for Houses of Worship

August 06, 2014

The Department of Homeland Security Center for Faith-based & Neighborhood Partnerships
the Small Business Administration Center for Faith-based & Community Initiatives
(Both Centers of the White House Office of Faith-based & Neighborhood Partnerships)
and the Federal Emergency Management Agency

invite you to join us for:

A Webinar on Emergency Preparedness Tools & Resources for Houses of Worship and Community Organizations

WEBINAR

________________

 

Learn more about tools, resources and partnerships strategies to help faith-based and community organizations prepare for emergencies!

WEBINAR DESCRIPTION: The purpose of this webinar is to provide participants with information on emergency preparedness tools, resources and engagement strategies that are available to faith-based and community leaders and emergency managers. Presentations will explain how faith-based and community-based organizations can engage in National Preparedness Month 2014 and National PrepareAthon Day! activities. The presentations will also highlight engagement best practices at the state and local level between faith-based and community leaders and emergency managers to prepare faith and community-based organizations and the larger community.WHO SHOULD JOIN THE WEBINAR? This webinar is for anyone interested in learning more about resources to help faith-based and community-based organizations get prepared for emergencies and help their communities to do the same.

WHEN IS THE WEBINAR? 

August 19, 2014
3:00 p.m. – 4:00 p.m. Eastern Daylight Time (EDT)

HOW DO I JOIN THE WEBINAR?

Adobe Connect Web Link: https://icpd.adobeconnect.com/faithtoolsa/event/registration.html

Please sign in as a guest.  Be sure to test your Adobe Connect connection prior to the meeting by clicking here.

PRESENTERS. Representatives from the Georgia Emergency Management Agency, County of Los Angeles Office of Emergency Management and Miami-Dade Fire Rescue Department’s Office of Emergency Management will present.  The Small Business Administration Center for Faith-based & Community Initiatives and Department of Homeland Security Center for Faith-based & Neighborhood Partnerships, will also provide remarks in support of houses of worship and community organizations engaging in preparedness activities.

Nonprofit Homeland Security Grants results

July 29, 2014

Schumer, Gillibrand Secure Over $2.1 Million To Improve Emergency Preparedness For Religious Institutions & Organizations In-And-Around NYC; Grants Awarded To 30 At-Risk Jewish Schools & Congregations

Schumer and Gillibrand Secured Funding For Organizations Based in New York – Out of the Total $13 Million Granted to Awardees Across the Country
U.S. Senators Charles Schumer and Kirsten Gillibrand today announced that 30 New York Jewish organizations, including schools and congregations, and more have received a combined total of $2,188,517 for the 2014 fiscal year as Urban Areas Security Initiative (UASI) Nonprofit Security Grant Program (NSGP) Awardees. The program, run by the Federal Emergency Management Agency (FEMA), awards federal funds to nonprofit organizations that are at a high risk of a national terrorist attack to encourage preparedness efforts.

“Religious schools and congregations have been previously targeted for attacks and that’s why FEMA’s Nonprofit Security Grant Program is critical in making sure that high-risk organizations are safe and protected from terrorist attacks,” said Schumer. “It is especially important for organizations in and around New York City to receive this federal funding, which will go a long way to ensure that they are fully prepared for whatever may happen in the future.”

“These federal dollars will arm our non-profits with the resources they need to guard us from attacks and keep us safe,” Gillibrand said. “No New Yorker, or American, should ever have to live and worship in fear of being targeted because of who they are or what they believe. Federal funding will help equip New York City’s places of worship, schools, and community gatherings with the tools needed to protect New York families.”

The Nonprofit Security Grant Program (NSGP) is run under the Federal Emergency Management Agency’s (FEMA) Urban Areas Security Initiative (UASI). Only eligible nonprofit organizations, as described by the 501(c)(3) tax code of 1986, may apply for this grant. To be eligible, the nonprofit must be at high risk for an international terrorist attack and must be located in one of the designated urban areas throughout the country.

The 30 Jewish organizations that received funding from the New York City area are: the Hebrew Institute of University Heights DBA Hebrew Institute of Riverdale, Park East Synagogue, Chabad Lubavitch of the Upper East Side, Shaare Zion Congregation Inc, Bet Am Shalom Synagogue, Mesivta Yeshiva Rabbi Chaim Berlin, Khal Ichud Chasidim, Bnos Square of Williamsburg, Solomon Schechter School of Westchester, Young Israel of White Plains, Trustees of the Congregation Shearith Israel, Rabbinical Academy Mesivta Rabbi Chaim Berlin, The Center for Jewish Life, Yeshiva of Brooklyn , Jewish Community Center of Staten Island, Congregation Machna Shalva, Gan Yisroel, Riverdale Jewish Center, Sephardic Community Center, Yeshivat Darche Eres, Young Israel of Lawrence Cedarhurst, Temple Beth El, Yeshiva Ahavas Torah, Congregation B’nai Israel, Congregation Ohel Chabad Lubavitch, Reform Temple of Forest Hills, Be’er HaGolah Institutes, Westchester Day School, Ach Tov V’Chesed, and Phelps Memorial Hospital Center.

Cybersecurity for Jewish organizations 101: an update

July 22, 2014

Two years ago the websites of many Jewish organizations were hacked during Israel’s Operation Pillar of Defense. JCRC-NY and ADL (thanks to the ADL for some of the suggestions below) have noted some new attacks against Jewish community websites allegedly motivated by the ongoing conflict in Israel. Hacker groups claiming affiliation to Anonymous, the hacker collective, have attacked and defaced the websites for U.S. based Jewish institutions as well as Israeli government and business websites.

There may be an increase in the frequency and scope of attacks against Jewish websites. Jewish institutions should review their security procedures, including:

Website. Have your website hosted with a professional web hosting company rather than having it reside on an institutional server or  a member’s home computer. Contact your institution’s Internet Service Provider (ISP) and/or website hosting company to discuss what measures are in place to protect your website and its content and what steps should be taken in case of an incident.

When deciding on a web host and ask them:

  • whether they install security patches on a regular and timely basis;
  • how often they make active backups of hosted websites (you should have a current back-up version of the relevant website and establish a periodic policy of taking snapshot backups — e.g., on a weekly basis, in no case should the period be longer than a month).
  • what security measures do the hosting company use to prevent Denial of Service (DoS) attacks and unauthorized Website access. 
  • if they have a disaster recovery procedure that includes someone available as a 24/7 point of contact for emergencies.

Remove any personal information (e.g., personal email, Facebook pages, Twitter handles, home addresses and phone numbers) from organizational websites wherever possible. Website administrators should review website server logs for unusually high visitor activity or visitors from unusual locations and alert their ISP or hosting company immediately.

Passwords. As with institutional email addresses, an effort should be made to limit and control the number of people Website administrator or Webmaster permissions and policy for strong passwords and a schedule for changing passwords.

  • Administrator passwords must be changed periodically (at least every two months). Passwords must be complex, i.e., contain both alpha and numeric characters and have at least one case change. Ideally, they should also contain at least one “special” (non-alpha/numeric) character. Staff names should never be part of any password.
  • You can find tips to create strong passwords and  a utility to check the strength of a potential password here.

Social networks.  Social networking pages are also vulnerable and should be monitored regularly. In addition, wherever possible, institutional staff should remove information about their affiliation with the institution from personal social media pages. See these tips on socializing securely.

ADL is in contact with many of the major Internet and social networking companies. Facebook pages for Hamas and hacker groups have already been removed from the Internet and we will continue our efforts.

Computer systems. Be aware of who has access to their computer, the permissions granted to each account, who has system administrator authorization and who assigns passwords.

  • To the extent possible, financial records should be segregated from membership data and other documents. Many programs allow users to encrypt data, further protecting the confidentiality of constituents. Of course, passwords become critical elements of your data protection efforts.
  • It is always prudent to have active and up-to-date firewall, anti-virus and threat detection software.

Phishing. Remind institutional staff and key members to be wary of attachments to emails.  Computer criminals are adept sending emails from people that you know (often victims of prior phishing attacks) to lure you into a sense of false security. See specific tips and more at Lots of phishing going on: Stop, think, click.

System Intrusion. Computer system intrusion can happen in a variety of ways: access in an unauthorized manner, by an unauthorized user, internally by a member of the institution or externally by the public.

  • Advanced software can alert a system administrator if an unauthorized access has been attempted. Older systems may require a regular manually review of computer logs to detect unwanted access.
  • Computer logs and advanced software, if properly configured, can indicate which computer files, if any, have been accessed. A policy should be established to inform members if files containing personal or sensitive information have been exposed. It is likely best to err on the side of caution in such situations.
  • Unauthorized computer access is potentially a criminal act. System intrusions rarely happen by accident and, as such, it is best to assume the person violating the system is seeking something. As with Website hacking, those perpetrating a system breach, likely know they are breaking the law and may have motivation to justify that risk.
  • As soon as a system intrusion is detected the system administrator must be contacted immediately. Subsequent contact to law enforcement and FBI (http://www.ic3.gov/default.aspx) computer crime specialists would not be an unusual next step.

For more information, explanations and suggestions see the FCC’s Small Biz Cyber Planner.

Final push: Nonprofit Security Grants

May 07, 2014

In New York, Nonprofit Security Grant Program application packages are due by midnight, Friday, May 9th.

Frequently Asked Questions

  • What do I have to do? Use JCRC’s Checklist (download here) to double check yourself.  Remember, there are three separate sets of submissions:
    • Grants Gateway. Your document must be approved and your status report reflecting your approval must be downloaded.
    • Investment Justification. The Excel spreadsheet that is the critical part of the application. (When you open the spreadsheet remember to pay attention to the yellow bars at the top of the page, clicking on “Enable Editing” and “Enable Content”. MAC users, we don’t have a good answer on how to make this work on a MAC. Our advice: borrow a PC.
    • E-Grants. The administrative software used to upload your information and documents into the system.
  • Why should I use the Scoring Worksheet? This is a transparent process. This is the form that the judges use to score your application. There are 40 possible points (plus a bonus for organizations that have never received a grant) and the trick is to “thoroughly” answer every question.
  • You’ve seen a lot of submissions, what do people miss or get wrong?
    • Risk. The section has three elements, each worth 4 of the 40 point total. Many applicants smoosh them together. Threat includes the generalized threats to Jewish institutions (relating that to your institution); incidents, including plots, graffiti, bomb threats, letters, to your institution; and any conclusion from your risk assessment (e.g., This building is determined to be at high risk of a terrorist attack due …). Vulnerability includes the laundry list of shortcomings that need improvement. These can be physical, procedural or training gaps, e.g., ill-fitting doors and windows, lack of an access control policy. Consequences covers both destruction of your facility and/or the injury or death of your people. There are direct and indirect consequences. Think this through for a thorough answer.
    • Target hardening. The question has three parts. For every activity (e.g., installation of new doors, training) you have to describe the activity, how the activity will mitigate a specific vulnerability listed in the Risk section, the Authorized Equipment List code for the activity, and the basic cost of the activity. Make sure that you tell the judges how the activity will prevent or protect against a terrorist attack.
  • Milestones. If you do everything right you probably won’t be able to start until January 1, 2015, because you need to have a signed contract. Most people have projects that require multiple activities. For example, doors and windows are usually special order items, which may take months to fabricate. You can’t complete the installation of an alarm system until the doors and windows are installed. Your milestones should reflect the differences between different activities and how they interrelate. Also, make this your own. For example, you should be giving progress reports to your board. Include that as a milestone.
  • Project Management. People spend a lot of time on the qualifications of their staff, but they miss the governance element. How will your board supervise this major project? For example, you should have a building or security committee, what is their role? Are you using DHSES, police, JCRC or others as subject matter experts? How will do you relate with DHSES?
  • Impact. Much is the answer is a rerun of the Target Hardening section, but make sure to relate it to the Coal Core Capabilities. See our post here.
  • Bonus. If you’ve never received a grant, make sure that you fill in this section for a bonus point.
  • Attachments. People have pressed “submit” in E-grants without attaching the required documents: Mission Statement, Vendor Responsibility Form, Investment Justification, Grants Gateway Status Report, and Risk/Vulnerability Assessment. This might disqualify your submission. Use the checklist.

Protecting religious facilities and the current analysis re the fatal shootings at Kansas Jewish Centers

April 18, 2014

Indicators screenshot

The shootings last week remind us that we are vulnerable on a number of fronts. We thank our partners at the US Department of Homeland Security (DHS) for keeping us informed, with first rate analyses and guidance.

  1. Remember, one of the most important recommendations is to establish a close, working relationship with your local police authorities. They should know about your services, school schedules, special meetings, etc. 
  2. DHS just published: Potential Indicators, Common Vulnerabilities, and Protective Measures: Religious Facilities. This is an new (April 2014) and excellent overview of facility security and emergency planning. It can be used as the agenda for your security/building committee work to plan for the unexpected. There is also a good table with indicators of suspicious activity. Please review it and act accordingly. 
  3. Law enforcement and Homeland Security leaders recommend that organizations train their staffs and constituencies in security awareness, especially the signs of suspicious behavior — i.e., it just doesn’t look right. If you see something, say something: in New York City-1 (888) NYC-SAFE or elsewhere in NY
  4. If you have any questions you can contact the  JCRC here.
  5. Re the shootings. Experts continue to analyze the the 13 April 2014 shootings at Overland Park, Kansas Jewish Community and Retirement Centers, allegedly by white supremacist extremist Frazier Glen Miller, Jr. The FBI and DHS have medium confidence that Miller acted alone. There were no known indicators of imminent violence on the day of the shooting, and there are no suspected co-conspirators at this time. The FBI and DHS continue to assess violence by lone offenders and small cells likely will remain the primary domestic terrorist threat due to the greater potential for operational security afforded to those who act independently of larger groups.
  6. Signs of suspicious behavior:
      • Demonstrating an unusual interest in or unusual questions about security procedures, or engaging in overtly suspicious actions to provoke and observe responses by security or law enforcement officers;
      • Demonstrating an unusual interest in entry points, peak days and hours of operation, security personnel, surveillance assets (including cameras), and access controls such as alarms, barriers, doors, gates, or locks;
      • Demonstrating an unusual interest in security reaction drills or procedures;
      • multiple false alarms or fictitious emergency calls to same locations or similar venues;
      • Loitering, parking, or standing in the same area over multiple days with no reasonable explanation;
      • Unusual interest in speaking with building maintenance personnel or security guards;
      • Attention to or avoidance of surveillance cameras;
      • Interest without justification in obtaining site plans, ingress and egress routes, and information on employees or the public; and
      • Garments not appropriate for the weather or season without a reasonable explanation.

7. Suggested Protective Measures

      •  Increase visibility of armed security and law enforcement personnel in areas adjacent to and in front of security checkpoints to deter unwanted activity; 
      • Raise awareness among employees by conducting “all hazards” awareness training;
      • Establish liaison and regular communications with local, state, and federal law enforcement, emergency responders, and public health organizations to enhance information exchange or clarify emergency responses;
      • Report missing or stolen equipment, to include weapons, to the proper authorities; 
      • Raise community awareness of potential threats and vulnerabilities; and
      • Encourage employees, tenants, and visitors to report anything that appears to be odd or suspicious.

April 3 | Webinar on the NY Nonprofit Security Grant applications

March 26, 2014

Thursday, April 3, 2014
2:00 – 3:30 PM

The 2014 Nonprofit Security Grant application package will soon be available in New York. Join in a webinar, introduced by NY DHSES Commissioner Jerome Hauer. DHSES Program Representative Valerie Bloomer will discuss this year’s changes in the process (including pre-qualification) and the JCRC-NY’s David Pollock will talk about filling out the Investment Justification.

Reservations are required, space is limited. Click here to RSVP.

Join the meeting: https://join.me/jcrcnewyork

On a computer, use any browser with Flash. Nothing to download.
On a phone or tablet, launch the join.me app and enter meeting code: jcrcnewyork

Join the audio conference: 
Dial a phone number and enter access code, or connect via internet.

By phone: 
United States   +1.213.226.1066
Access Code   703-292-198#

By computer via internet: 

Join the meeting, click the phone icon and select ‘Call via internet’. A small download might be required.

Links for the presentations and all of the materials mentioned during the webinar will be available at www.jcrcny.org/securitygrants.

It’s here, the 2014 Nonprofit Security Grant

March 18, 2014

The U.S. Department of Homeland Security (DHS) released its initial guidance today. The New York Department of Homeland Security and Emergency Services (DHSES) hopes to have the necessary approvals and release their Request for Applications sometime next week. We’ve begun to update our webpage www.jcrcny.org/securitygrants with the 2014 material.

The application package for New York nonprofits will be due around the end of April, possibly as late as May 9th. DHS should announce the results at the end of July. The DHS materials are available here. Remember: The “applicants” referred to in the links on the DHS page are the state agencies. All organizations are bound by the requirements of and dates set by New York DHSES. The New York materials will be available at http://www.dhses.ny.gov/grants/nonprofit.cfm when they are approved.

The big change this year is that New York nonprofits must pre-qualify (see below), which may take several weeks (see below). While completing the pre-qualification process, organizations should assemble the materials for their Investification Justification (see here). Get started now!

New York’s new requirement: pre-qualification

Applications from New York nonprofit organizations that have not “pre-qualified” will not be considered, so we recommend that you start this process immediately. Your pre-qualification package cannot be approved overnight – don’t wait until the last minute.

See the Grants Gateway at http://grantsreform.ny.gov/.

  • First steps.
    • Fill out the Registration Form for Administrator, have it notarized.
    • Create an organization chart that shows the head of your organization. The state has some samples here. JCRC-NY created a sample for religious schools here. Be sure to fill in the appropriate names in the boxes.
    • New applicants must request an SFS ID. Do so by completing a copy of Substitute W-9.
    • Mail the notarized Registration Form, Substitute W-9 and Organizational Chart to: Division of Budget – Grants Reform, Agency Building 1 – 5th Floor, Empire State Plaza, Albany, NY 12224.
  • Tutorial. Watch the video on completing the Pre-Qualification process here.
  • Written resources. The Grants Gateway website contains the definitive information. Be sure to check the required list of documents at Documents and Questions. More information can be found at the FAQs About Prequalification and the full manual.
  • Assistance. Any organization unsure about how to respond to the questions should contact the Statewide Grants Reform office at grantsgatewayhelp@budget.ny.gov or (518) 474-5595. While we try to learn as much as we can, the advice given by the Statewide Grants Reform office is definitive.
  • Documents. The Grants Gateway website has lots of information. You should consider their requirements and answers as the final word. A short list of the documents that organizations are required to submit include:
      1. Certificate of Incorporation or equivalent document.
      2. IRS 501(c)(3) determination letter. As long as your organization is seeking tax exempt status and can show that it
        has applied for a 501(c)(3) tax exemption from the IRS, then the uploading of a copy of your application form or a copy of the receipt letter from the IRS, is sufficient. They also recognize that some tax exempt organizations are not required to file for IRS 501(c)(3) recognition.Your organization will not be penalized if you do not submit its determination letter, if:

        • you are not required to have one; and
        • you write a letter attesting to the fact. For example, houses of worship and organizations incorporated pre-1969 are not required to file for 501(c)(3) recognition . Religious organizations need only provide a statement, including their official name, stating that they are a religious corporation and exempt from IRS recognition.
      3. IRS 990.
        Houses of worship and some other religious corporations are not required to file an IRS 990. If your organization is not required to file an IRS 990, Religious organizations need only include a statement, including their official name, stating that you are a religious corporation and exempt from the requirement to file an IRS 990. If you do file, please include your latest IRS Form 990.
      4. Audit/Reviews and Findings. In NY, organizations with revenues greater than $250,000 must provide an independently audited financial statement. Organizations with revenues of less than $250,000 but greater than $100,000, must provide a financial statement reviewed by a CPA. Organizations with revenues of less than $100,000 need only provide a copy of the most recent internal financial report.Prequalification Audit Change.
        • Previous Audit Requirement – CPA reviewed audit with management letter for organizations with revenues over $250K.
        • New Audit Requirement (3/25/2014) – Entities that are exempt by Executive Law § 172-a from submitting financial disclosure materials to the Attorney General’s Charities Bureau (such as religious organizations involved in exclusively non-secular activities) should, regardless of their annual revenue, provide their most recent internal financial report reviewed by the board.  This is the same financial disclosure requirement for prequalification that applies to organizations with revenues of less than $100,000.
      5. NY State Attorney General Charities Bureau Form CHAR500 or CHAR410. Most not-for-profit organizations must file either a CHAR 410 (for newly formed entities within the first year of operations) or a recent CHAR500 with the NY State Charities Bureau. Religious organizations, as well as educational corporations that confine solicitations to their student body, alumni, faculty and trustees and their families; need only include a statement, including their official name, stating that they are a religious or an educational corporation and exempt from registration with the New York State Attorney General.
      6. Board of Directors Profile. A sample profile template can be found here. This document should include board member names and affiliations, a list of the board
        committees and chairs, and a list of board officers.
      7. Senior Leadership Resumes.
        Not-for-profits must upload the resumes or CV’s of their Senior Leadership team. The positions included should be Chief Executive Officer, Chief Operating Officer, Chief Financial Officer, Executive Director, President, or other high ranking officials. Individuals should upload their own resume or CV.
      8. Corporate Bylaws

There are also questions covering organizational policies supporting good governance, etc. The Grants Gateway (especially the manual) website has the rationale, samples and links to other sites with further information. If you have any questions about prequalification, please go to the Grants Reform website at http://www.grantsreform.ny.gov/Grantees or contact DHSES at 1-866-837-9133.

The Grant itself

Vulnerability assessment. We expect that the “Investment Justification” will again be based on a “previously conducted vulnerability assessment.” See Getting a vulnerability assessment for more details and suggestions.

Coming soon, the 2014 nonprofit securitygrant

March 12, 2014

We expect the U.S. Department of Homeland Security to release the guidance on the program to the states on or about March 18th. We don’t expect any major changes in the requirements. New York DHSES will secure the necessary approvals and release their Request for Applications the following week.

This year’s budget includes $13 million in federal funding to help protect high-risk non-profit institutions from terrorist attacks. This is a $3 million increase over the fiscal year 2013 funding levels for the Nonprofit Security Grant Program. New York nonprofits must pre-qualify (see below), which may take several weeks (see below). While completing the pre-qualification process, organizations should assemble the materials for their Investification Justification (see here). Get started now!

New York’s new requirement

Pre-qualify with NY State. Applications from New York nonprofit organizations that have not “pre-qualified” will not be considered, so we recommend that you start this process immediately. Your pre-qualification package cannot be approved overnight – don’t wait until the last minute.

See the Grants Gateway at http://grantsreform.ny.gov/.

  • Written resources. The Grants Gateway website contains the definitive information. Be sure to check the required list of documents at Documents and Questions. More information can be found at the FAQs About Prequalification and the full manual.
  • Assistance. Any organization unsure about how to respond to the questions should contact the Statewide Grants Reform office at grantsgatewayhelp@budget.ny.gov or (518) 474-5595. While we try to learn as much as we can, the advice given by the Statewide Grants Reform office is definitive.
  • Documents. The Grants Gateway website has lots of information. You should consider their requirements and answers as the final word. A short list of the documents that organizations are required to submit include:
    1. Certificate of Incorporation or equivalent document.
    2. IRS 501(c)(3) determination letter. As long as your organization is seeking tax exempt status and can show that it
      has applied for a 501(c)(3) tax exemption from the IRS, then the uploading of a copy of your application form or a copy of the receipt letter from the IRS, is sufficient. They also recognize that some tax exempt organizations are not required to file for IRS 501(c)(3) recognition.Your organization will not be penalized if you do not submit its determination letter, if:
      • you are not required to have one; and
      • you write a letter attesting to the fact. For example, houses of worship and organizations incorporated pre-1969 are not required to file for 501(c)(3) recognition . Religious organizations need only provide a statement, including their official name, stating that they are a religious corporation and exempt from IRS recognition.
  • IRS 990. Houses of worship and some other religious corporations are not required to file an IRS 990. If your organization is not required to file an IRS 990, Religious organizations need only include a statement, including their official name, stating that you are a religious corporation and exempt from the requirement to file an IRS 990. If you do file, please include your latest IRS Form 990.
  • Audit/Reviews and Findings. In NY, organizations with revenues greater than $250,000 must provide an independently audited financial statement. Organizations with revenues of less than $250,000 but greater than $100,000, must provide a financial statement reviewed by a CPA. Organizations with revenues of less than $100,000 need only provide a copy of the most recent internal financial report.
  • Exceptions.
    • Religious organizations pursuing religious activity are exempt from the financial filing requirements regarding audit/reviews and findings.
      If you are a religious organization pursuing religious activity, you need only include a statement, including your official name, stating that you are a religious corporation pursuing religious activity and not required to report or file financial information with the New York State Attorney General.
    • However, religious organizations that engage in any form of secular activity (i.e. food bank, daycare, social justice advocacy, secular education, job training, conservation, after school athletics, etc.) must file through the Grants Gateway their audit/reviews or findings, consistent with their level revenues .
    • JCRC has inquired whether certain schools, exempt from filing with the New York State Attorney General, are required to file audit/reviews or findings.
  • NY State Attorney General Charities Bureau Form CHAR500 or CHAR410. Most not-for-profit organizations must file either a CHAR 410 (for newly formed entities within the first year of operations) or a recent CHAR 500 with the NY State Charities Bureau. Religious organizations, as well as educational corporations that confine solicitations to their student body, alumni, faculty and trustees and their families; need only include a statement, including their official name, stating that they are a religious or an educational corporation and exempt from registration with the New York State Attorney General.
  • Board of Directors Profile. A sample profile template can be found here. This document should include board member names and affiliations, a list of the board committees and chairs, and a list of board officers.
  • Senior Leadership Resumes.
    Not-for-profits must upload the resumes or CV’s of their Senior Leadership team. The positions included should be Chief Executive Officer, Chief Operating Officer, Chief Financial Officer, Executive Director, President, or other high ranking officials. Individuals should upload their own resume or CV.
  • Corporate Bylaws

There are also questions covering organizational policies supporting good governance, etc. The Grants Gateway (especially the manual) website has the rationale, samples and links to other sites with further information.

The Grant itself

Vulnerability assessment. We expect that the “Investment Justification” will again be based on a “previously conducted vulnerability assessment.” See Getting a vulnerability assessment for more details and suggestions.

  • Read and understand the Investment Justification. Download the Investment Justification from last year here. There will be some changes, but they are usually minor. You can find JCRC-NY’s guidance on each section on the “Security Grants” webpage (and below). Note: many applicants lost points last year because they did not properly respond to the questions.

There will be a 2014 grant…soon

February 18, 2014

Status

This year’s budget includes $13 million in federal funding to help protect high-risk non-profit institutions from terrorist attacks. This is a $3 million increase over the fiscal year 2013 funding levels for the Nonprofit Security Grant Program. We don’t know when the U.S. Department of Homeland Security will release the guidance on the program (best guess mid to late March), but we don’t expect any major changes. Get started now!

The newest requirement

Pre-qualify with NY State. Applications from New York nonprofit organizations that have not “pre-qualified” will not be considered, so start this process immediately. See the Grants Gateway at http://grantsreform.ny.gov/grantees. We requested a webinar on pre-qualification to assist you. Stay tuned.

  • Documents. Here is a quick summary of the necessary documents (the official website contains the definitive information). Make sure to check the required list of documents at Documents and Questions. There is more information at FAQs About Prequalification and a full manual. You will need:
    1. Certificate of Incorporation or equivalent document.
    2. IRS 501(c)(3) determination letter. As long as your organization is seeking tax exempt status and can show that it
      has applied for either a 501(c)(3) or 501(c)(4) tax exemption from the IRS, then by uploading a copy of your application form or a copy of the receipt letter from the IRS, everything
      should be fine. Also, we recognize that some tax exempt organizations are not required to
      file for a 501(c)(3), so they will not be penalized for not producing this document. [JCRC comment: Houses of worship are not required to file for 501(c)(3) recognition. They should simply state, on organizational letterhead: As a religious corporation they are not required to secure an IRS 501(c)(3) determination letter.]
    3. IRS 990. Houses of worship and some other religious corporations are not required to file an IRS 990. [JCRC comment: Houses of worship are not required to file for 501(c)(3) recognition. They should simply state, on organizational letterhead: As a religious corporation they are not required to file IRS Form 990.]
    4. Audit/Reviews and Findings.In NY, organizations with revenues greater than $250K
      must provide an independently audited financial statement. Organizations with revenues of less than $250K but greater than $100K, must provide a financial statement reviewed by a CPA. Organizations with revenues of less than $100K need only provide a copy of the most recent internal financial report. [JCRC comment: This is a requirement, if your organization’s revenues exceed $250,000 there is no alternative. We are afraid that this will disqualify many organizations.]
    5. CHAR500 or CHAR410. All not-for-profit organizations must file either a CHAR 410 (for newly formed entities within the first year of operations) or a recent CHAR 500 with the NY State
      Charities Bureau
      . [JCRC comment: There is a form to request an exemption (Schedule E).]
    6. Board of Directors Profile. A sample profile template can be found here. This document should include board member names and affiliations, a list of the board committees and chairs, and a list of board officers.
    7. Senior Leadership Resumes. Not-for-profits must upload the resumes or CVs of their Senior Leadership team. The positions included should be Chief Executive Officer, Chief Operating Officer, Chief Financial Officer, Executive Director, President, or other high ranking officials. Individuals should upload their own resume or CV.
    8. Corporate Bylaws

There are also questions about governance, etc.

The Grant itself

Vulnerability assessment. We expect that the “Investment Justification” will again be based on a “previously conducted vulnerability assessment.” See Getting a vulnerability assessment for more details and suggestions.

  • Read and understand the Investment Justification. Download the Investment Justification from last year here. There will be some changes, but they are usually minor. You can find JCRC-NY’s guidance on each section on the “Security Grants” webpage (and below). Note: many applicants lost points last year because they did not properly respond to the questions.

Read More There will be a 2014 grant…soon

Prospects look good for a 2014 grant

January 09, 2014

Update January 15: Today, the House voted overwhelmingly, 359-67, to approve a $1.1 trillion spending bill for the current fiscal year. It is expected to move quickly through the Senate and be signed by the President. The bill appropriates $13 million for the Nonprofit Security Grant Program, an increase of 30% over last year.

Update January 14: Congress filed the omnibus appropriations bill late yesterday, including funding for the Nonprofit Security Grant Program. The bill will be debated over the weekend.

Thanks to the incredible work of a coalition led by The Jewish Federations of North America/JFNA (with JCRC-NY and UJA-Federation playing active roles) there is likely to be another round of the Nonprofit Security Grant Program (NSGP). The JFNA Washington Office, directed by William Daroff, and its Senior Director, Legislative Affairs, Rob Goldberg deserve our most heartfelt gratitude.

For those who want the gory details: The House and Senate Appropriations Committees continue work to complete the FY14 Omnibus Appropriations bills before the current Continuing Resolution (CR) expires on January 15th. As has been the case over the past few years, it is doubtful that they will complete their work before the deadline, so there is likely to be another, short CR, giving Congress additional time to debate and vote (after all, the Omnibus bills cover virtually the entire federal budget). According to reports as of January 8th, the DHS budget was not yet approved, but is largely completed. Once the DHS budget is approved, our Washington champions will learn how much was allocated for the NSGP.

Appropriators on both sides of the aisle and chambers have pressed for a clean bill that does not include divisive partisan policy riders.  However, once the bill is filed and details emerge there are likely to be calls for amendments to diminish or obstruct implementation of Obamacare, EPA rules, and Wall Street protections or support anti-abortion policies (more than 130 such policy riders that have been mentioned, including aid for houses of worship damaged by Superstorm Sandy). There also remain, especially in the House, a number of conservatives who would still prefer passing a year-long CR at the lower FY13 spending level.

Get Ready

We strongly urge organizations contemplating applying for a grant to immediately take steps to deal with some of the details of the application package:

  • Pre-qualify with NY State. Applications from New York nonprofit organizations that have not “pre-qualified” will not be considered, so start this process immediately. There are five parts of this process so we strongly urge you to start now because it may take some time. We will schedule a webinar on pre-qualification in the near future.

Effective August 1, 2013, not-for-profit organizations must be prequalified in order to do business with New York State (i.e., to receive a grant). In order to prequalify, not-for-profit organizations must submit an online Prequalification Application through the Grants Gateway. The Prequalification Application is comprised of five components to gauge your organizational structure and the types of services you provide. The required forms and document uploads are all part of the Document Vault. Resources to complete the application and associated document vault can be found in the Quick Links Section of the Grants Gateway website: http://grantsreform.ny.gov/Grantees.

  • Vulnerability assessment. We expect that the “Investment Justification” will again be based on a “previously conducted vulnerability assessment.” See Getting a vulnerability assessment for more details and suggestions.
  • Read and understand the Investment Justification. Download the Investment Justification from last year here. There will be some changes, but they are usually minor. You can find JCRC-NY’s guidance on each section on the “Security Grants” webpage (and below). Note: many applicants lost points last year because they did not properly respond to the questions.