IT Maturity: Lessons Learned Over the Last 15 Years

  • Photo of Cara Van Ryn
    Cara Van Ryn

Over 15 years ago, we developed The 501(c) IT Maturity Model™ (ITMM) to help associations and nonprofit organizations align their IT with their business goals by measuring the effectiveness of the four primary functions of IT: management, data, digital, and infrastructure. The framework is based on over 30 years of experience and hundreds of enduring engagements with nonprofits and associations of all types and sizes.  

In our 15 years of using the ITMM framework to conduct assessments, we’ve seen that many organizations struggle with a common set of fundamental problems. While these findings can’t replace a well-organized assessment of your organization’s unique IT needs, they should serve as an excellent starting point for diagnosing your technology-driven aches and pains. We’ve separated our tips into the four primary functions of IT to match how we organize our assessments.  


The management function of your IT includes how your organizational culture, departmental collaboration, governance, professional development expectations, business processes, and budgeting all impact the effectiveness of your technology. Improving your IT management is often the first step you need to take to improve your IT environment. 

Over the last 15 years, we’ve seen immense advances take place when organizations take some steps to improve their IT management:  

  • Don’t react to IT issues as they come up. Instead, take a proactive approach to your technology by engaging in strategic planning. By working out a technology plan, you can deal with fewer disruptive issues by simply preventing them in the first place. 
  • Facilitate regular discussions about technology. These should involve an internal advisory team that represents all aspects of the organization, and you should establish a dedicated IT leader to facilitate if possible. This will help you understand the current state of your organization’s technology environment. 
  • Assign roles and responsibilities for your main technology platforms. This helps staff know who owns what. If all your staff assume someone else is responsible for a platform, then no one is taking care of it. 
  • View investment in your technology as a multiplier. Investing in technology can enhance how well your staff perform and how well your organization meets your business goals. If you want to improve your IT environment, you have to make some kind of investment in your technology whether it’s time, money, or both. 
  • Train staff on how to use the technology required for their work. Some organizations are hesitant to invest in staff training as staff can always leave, but we recommend doing so as your staff might also stay and work inefficiently as they lack the proper training to streamline their workflow. 


The data function of your IT refers to how your organization handles data, which is the lifeblood of most organizations. Here at DelCor, we often emphasize the importance of data strategy in our work because handling data well means you can use it to its fullest extent.  

To improve your data function, we tend to recommend the following: 

  • View data as one of your organization’s greatest assets and strategize how to use it. Creating a data strategy is the first step in using data as effectively as possible. 
  • Understand what data you are collecting and why. When you are intentional with your data collecting, you can ignore irrelevant data in favor of the data that drives effective decision-making. Increasing your staff’s data literacy is also a useful tool to make more data-driven decisions. 
  • Do some spring cleaning with your data. Get rid of clutter and rework your organization system as needed. Decide on a naming scheme for files and folders and stick to it so that data can be easily located. 


The digital function analyzes your organization’s digital presence, which includes online community, social media, email communications, and mobile representation. Your digital presence often constitutes a visitor’s initial—and in some cases, their only—interaction with your organization and therefore delivers their first impression of your organization and its work. The digital profile tells the organization’s story—who you are, what you do, and why it is important. 

Based on our work over the years, we’ve found many organizations can improve their digital presence by doing the following: 

  • Improve your website governance by creating a digital strategy and deciding on digital policies and standards. 
  • Develop a website style guide so that users have a consistent experience throughout your website. Make sure your website is mobile-friendly for the sake of consistency. 
  • Invest in website accessibility so that the contents of your website are accessible to as many people as possible. 


The infrastructure function measures whether your organization has a solid and secure network setup—servers, switches, cloud services, and workstations—as your infrastructure is the supporting foundation for all information services. A crucial part of your organization’s infrastructure is your security as it protects not only your network itself but also your data. 

As hardware can vary quite a bit from organization to organization, here are some tips focusing on security that we’ve found work for most organizations: 

  • If you haven’t already, move data to the cloud so that it’s protected and easily accessible by staff. Before transitioning to the cloud, make sure you organize your data to make your move as productive as possible and save money on cloud storage. 
  • Identify the crown jewels of your organization, such as member data, key artifacts, documents, and other pieces of proprietary or unique data. This will help you decide what data needs the most protection. 
  • Prioritize securing the data that needs the highest level of protection and is accessed frequently. It’s important to use multi-factor authentication (MFA) and other security measures to keep your data safe, but you do have to consider the trade-off between costs and results for heightened security and backup as well as recovery. 
  • Use MFA for all systems accessed remotely. A second authentication method in addition to a username or password makes it much harder for bad actors to access your accounts.  

We hope that some of what we’ve learned can help your organization improve your IT. If you’re intimidated by making any of these changes or aren’t sure what the state of your IT is in the first place, please reach out! We’re happy to work with you to conduct an ITMM assessment or jump straight into making the changes your organization needs to be more effective. 

Talk to Our Experts

Looking for more information? Have questions? We’re here to help!
Drop us a line, and we’ll get in touch right away.