I have a piece up on Medium about our SAFETAG project. It's a project that myself and another colleague have spent countless hours building out to really focus on working with small non-profits on assessing their risks and providing a framework for them to think critically about what really matters to their work, and how to most reasonably address them based on potential impact, real risk of it happening, and their capacity to change digital security practices.
It continues to be very rewarding work, and our tiny team has gotten to see a lot of amazing changes take place by the organizations which have been audited through this process. Anyhow. Check out our piece on Medium: https://medium.com/local-voices-global-change/meet-safetag-helping-non-… , but also take a look at the framework itself at SAFETAG.org. It's an open source framework, and we'd love to see questions and commits over on our github repository!