nfphub
Compliance

Managing Board Member Onboarding: Getting Security, Policies and Declarations Right

JW

John Williamson

November 28, 2025

Why Onboarding Matters More Than Most Boards Realise

Appointing a new board member is a governance event, not just an administrative task. The person joining your board will have access to sensitive financial information, strategic plans, personnel matters, and legal advice. They will vote on decisions that affect the organisation's future and carry personal liability for those decisions.

Despite this, many not-for-profit boards treat onboarding as an afterthought. A new director might receive a welcome email, a link to some documents, and an invitation to the next meeting. There is no structured process, no security briefing, and no formal acknowledgement of the responsibilities they are taking on.

This creates risk. A director who does not understand their duties may act outside their authority. A director who has not signed a confidentiality agreement may inadvertently disclose sensitive information. A director who has not declared their conflicts of interest may compromise the board's decision-making integrity.

A clear, repeatable onboarding process protects the organisation, supports the new director, and signals that your board takes governance seriously.

The Onboarding Journey: A Three-Phase Approach

Effective onboarding does not happen in a single sitting. It unfolds across three phases, each with distinct objectives.

Phase One: Before Appointment

Before a new member is formally appointed, ensure the following steps are completed:

  • Background check and eligibility verification: Confirm that the candidate is eligible to serve as a director under your constitution and relevant legislation. In some jurisdictions, this includes checks for disqualification orders, bankruptcy, or criminal convictions.
  • Role description and expectations: Provide a written description of the director's role, time commitment, meeting schedule, and any committee responsibilities. Set expectations clearly before the person accepts the position.
  • Preliminary governance documents: Share the organisation's constitution, strategic plan, and most recent annual report. This gives the candidate enough context to make an informed decision about joining.

Phase Two: On Appointment

Once the appointment is confirmed, move quickly to complete the formal onboarding steps:

  • Governance induction pack: Provide a comprehensive pack that includes the constitution, board charter, code of conduct, conflict-of-interest policy, confidentiality policy, delegations of authority, and any relevant governance policies.
  • Security setup: Create the director's account on the board management platform, configure access permissions, and ensure they can log in and access materials. Provide guidance on password management and two-factor authentication.
  • Declarations and acknowledgements: Collect all required declarations (detailed below). These should be signed and filed before the director participates in their first meeting.
  • Introductions: Arrange for the new director to meet the chair, the CEO, and key staff members. If possible, schedule a one-on-one orientation with the chair to discuss board culture, expectations, and current priorities.

Phase Three: Before the First Meeting

In the days leading up to the new director's first board meeting, ensure they are fully prepared:

  • Board pack access: Confirm the director has received and can access the board pack for the upcoming meeting.
  • Meeting protocols: Brief the director on how meetings are run, including the role of the chair, how items are raised, how votes are conducted, and how conflicts of interest are managed during meetings.
  • Buddy system: Consider pairing the new director with an experienced board member who can answer questions, provide context during meetings, and help the new member settle in.
  • Follow-up check-in: After the first meeting, schedule a brief check-in to address any questions, clarify expectations, and gather feedback on the onboarding experience.

Essential Governance Documents

Every new director should receive and be expected to read the following documents as part of their onboarding:

  • Constitution or rules of association: The foundational legal document that establishes the organisation and defines its governance structure.
  • Board charter: Defines the role, responsibilities, and operating procedures of the board.
  • Code of conduct: Sets out the behavioural standards expected of directors.
  • Conflict-of-interest policy: Explains how conflicts are identified, declared, and managed.
  • Confidentiality policy: Defines what information is confidential and how it must be handled.
  • Delegations of authority: Clarifies the boundaries between the board's authority and the CEO's authority.
  • Strategic plan: Provides context for the organisation's direction and priorities.
  • Most recent financial statements: Gives the director an understanding of the organisation's financial position.
  • Risk register: Highlights the key risks the board is currently monitoring.
  • Previous board minutes (last 3-6 meetings): Provides context for ongoing discussions and decisions.

Security Awareness for Board Members

Board members access sensitive information across multiple devices and locations. A security awareness briefing should be part of every onboarding process.

Key topics to cover:

  • Password management: Directors should use strong, unique passwords for the board portal. Encourage the use of a password manager.
  • Two-factor authentication: Explain how to set up and use two-factor authentication. Make it mandatory if your platform supports it.
  • Device security: Directors should keep their devices updated, use screen locks, and avoid accessing board materials on shared or public computers.
  • Email and phishing: Warn directors about phishing attempts that may target them in their board role. Explain what to do if they receive a suspicious message.
  • Document handling: Clarify that board materials should not be forwarded to personal email accounts, stored on unsecured personal devices, or shared with anyone outside the board.
  • Incident reporting: Explain how to report a suspected security incident, such as a lost device, a compromised password, or accidental disclosure of confidential information.

Must-Have Declarations

Declarations are formal signed documents that create a record of the director's acknowledgements and commitments. The following should be collected from every new director before their first meeting.

Consent to Act as a Director

This declaration confirms that the person consents to their appointment, acknowledges the responsibilities of the role, and confirms they are not disqualified from serving. It is a legal requirement in many jurisdictions and provides the organisation with a formal record of the appointment.

Conflict of Interest Declaration

Every director should complete an initial conflict-of-interest declaration listing any personal, financial, or professional interests that could create a conflict with the organisation's activities. This declaration should be updated annually and whenever a new conflict arises.

The declaration should cover:

  • Directorships and leadership roles in other organisations
  • Financial interests in entities that do business with the organisation
  • Family or personal relationships with staff, contractors, or other directors
  • Any other interests that could reasonably be perceived as creating a conflict

Confidentiality Agreement

This agreement confirms that the director understands the confidential nature of board materials and discussions, and commits to handling confidential information appropriately. It should specify what constitutes confidential information, how long the obligation lasts (typically beyond the director's tenure), and the consequences of a breach.

Security Acknowledgement

This declaration confirms that the director has received the security briefing, understands the organisation's information security requirements, and agrees to comply with them. It should cover device security, password management, acceptable use of the board portal, and the director's obligation to report security incidents.

Building a Repeatable Onboarding Checklist

A checklist ensures that nothing is missed, regardless of who is managing the onboarding. Here is a practical template:

Pre-Appointment

  • Eligibility verified
  • Role description and expectations provided
  • Preliminary governance documents shared
  • Candidate confirmed acceptance

On Appointment

  • Board portal account created and tested
  • Two-factor authentication configured
  • Governance induction pack provided
  • Consent to act signed
  • Conflict-of-interest declaration completed
  • Confidentiality agreement signed
  • Security acknowledgement signed
  • Introduction to chair and CEO scheduled
  • Orientation meeting with chair completed

Before First Meeting

  • Board pack access confirmed
  • Meeting protocols briefed
  • Buddy assigned
  • Calendar invitations sent for all scheduled meetings

After First Meeting

  • Follow-up check-in completed
  • Feedback collected
  • Any outstanding documents or declarations obtained

Making It Sustainable

Onboarding is not a one-off project. It is a process that should be documented, reviewed, and improved with each new appointment. Store your onboarding checklist and templates in your board management platform so they are accessible to whoever manages the next appointment.

Ask new directors for feedback on their onboarding experience. Their perspective will help you identify gaps and improve the process for future appointees. Over time, a well-run onboarding process becomes a hallmark of a well-governed organisation.

Ready to simplify your board governance?

Try nfphub free for 30 days. No credit card required.

Related Articles

Compliance

State-by-state nonprofit compliance: key differences your board should know

Compliance

Board oversight of financial audits: a director's guide

Compliance

Document retention policies for nonprofit boards

Back to all articles