< Back to IA Policy & Implementation Series


Some information is used so often that we forget the importance it has to the continuation of an organization, whether it is for-profit or nonprofit. The following is our basic guide for common assets organizational leadership forgets to adequately protect. In some cases, not all of these will be appropriate and in others, the information may be different.

This guide focuses on the organization’s finances, direct relationships, and any third-party relationships that your organization has an obligation to keep confidential to protect its identities from others. Also, some guidance is provided on managing the shared ownership of some of these important assets. The following is general in nature and should be considered educational and not specific advice for your organization.

11 Common Asset Classes of Intellectual Assets (IA)

  1. Contact Lists are comprised of clients, prospective clients, constituents, donors, or stakeholders.

This asset is often the most valuable and hence most contentious of the assets we will look at. Seldom is there a specific policy about how shared ownership might be had in smaller professional service and nonprofit organizations? Having a specific policy that is both reasonable and equitable for all parties is the first step to protecting this central and most valuable of all the assets of any organization. 

Often the exit of a key employee is the precipitating event that causes turmoil and disruption in an organization. If it is known which information is appropriate and legal for that employee to retain, then there is a way to determine what they will take, where rights of use lie for everyone and how the business will continue after the key employee exits. Establishing the rules for the protection of personal and corporate contact lists becomes a key business policy that should be part of every organization’s policies.

A subset of this is the “Personally Identifiable Information” of employees you have hired over time. Employers have a legal requirement to retain some of this information, as well as the information connected to employee actions and influences on other processes and policies as a matter of organizational culture. Understanding how to protect the essential identity information becomes a prime consideration for all organizations. name, address, telephone number, e-mail address, or information about activities directly linked to that person. Other metadata about employees such as their training certificates and other special designations should be protected as well

  1. Metadata and information on current and prospective organization accounts and stakeholders, including, but not limited to, the identity of the account holders, the decision-makers or decision influencers, the buying or support criteria of the accounts, and products or programs for those accounts.

This information is often some of the most central for making operational decisions and forming an ongoing strategy for your organization. How your buyers, suppliers, and stakeholders perform should be closely held information known only to those who have a need to know as they form strategies and operational strategies. Often this is to be held as Trade Secrets and would not be open for negotiation as part of an employee’s personal knowledge they can sever from an organization.

  1. All of your unique online identification and persona. This includes all registered domains, social media accounts, unique hashtags, and online content both currently published or withdrawn or not published. 

It is said that once published on social media, it is almost impossible to remove all traces of your existence online. Therefore, all your online persona should be treated as if it were a corporal person. It would be a good policy to protect all access to these accounts, and published contacts and implement the most private settings for all domains and corporate user accounts. 

  1. Your management processes, training materials, scripts, programs, and preferred responses to questions from current, former, or prospective clients or stakeholders pertaining to features and benefits of [ABC]'s products, offerings, and programs provided to all market sectors and supported constituencies. 

Often internal policies aren’t even documented properly. When they are, many times they are used as public evidence documents in proposals, quotes, and other publically accessible and unprotected documents. Be wary of disclosing key components of processes, programs, and products that would diminish your organization's competitive position. While general descriptions are often used, be on guard about disclosing particular details. To further protect these assets, restrict their internal distribution to only those who have a real reason for knowing and make sure they understand the importance and fiduciary responsibility they hold once they receive such information. Often training modules have some of this information in them, so be aware of and make sure these documents are protected to the same level as the other documents that hold such information.

Include all skills development and organizational development programs that provide specific and unique benefits for your organization. Including any custom-developed programs developed for your organization or provided under a limited-use license. 

This is an area where those employees who develop training and processes may have some desire to retain ownership of the core knowledge of those beneficial artifacts. Make sure there is very clear guidance around these activities. Where there is clear evidence they are bringing their prior knowledge to the organization, then it may be appropriate to create a “shop license” for the specific assets created from their prior knowledge so they can continue to use their knowledge outside the confines of an employment agreement.

  1. Business models and financial information, data, and materials of [ABC] are not otherwise available to the general public.

Some of the internal constructs of a business model can often be classified as Trade Secrets. As such, it should be restricted to only those who are required to know it. Often if the secret can be further broken down into subcomponents and further restricted, it helps to further protect key business model secrets. These are often some of the crown jewels of any organization because it gives them significant market advantages over other competitors. These are assets that have to have a policy of accountability for custody and return.

  1. Specific contracts, licenses, and other legal instruments that are exclusive to [ABC] and embody unique and specific terms and conditions as part of the business relationship and business model. 

Contracts, agreements, licenses, and other legal documents used in the normal course of business that contains unique information about your organization should be considered a protected asset. This is true especially where those agreements outline specific and unique business models or, licensing agreement terms and conditions.

  1. Market research or works for hire materials, including, but not limited to, industry data, demographics, [ABC] profiles, and/or specific consumer behavior information, including all unpublished press releases which have specific application to [ABC].

These works should be specific to your organization and how it fits within your industry. These are unique and specific works for your benefit. Protect them as key organizational assets. Restrict their access and make sure everyone who has access is accountable for their custody and return. While they are almost always to be considered proprietary, they might also be considered Trade Secrets if they are to be considered core business assets that define the reason and evidence for why a business operates as it does. This kind of information is often overlooked in a nonprofit organization but is most often the real reason for the existence and effectiveness of the organization. 

  1. Monthly financial, statistical and operational information and reports and all other information concerning sales, engagement rates, retention rates, donor participation, real estate lease terms, and property ownership.

This is a typical leaking point for most companies. Since public companies have to report their annual reports and much of the information in this section is often included in a public annual report, much of the detail that goes to the summaries should not be public knowledge, especially if it is derived from internal, private data.

Property ownership and lease terms are often thought to be real estate assets, but they can also be part of extensive supply chain assets as well. Understanding how all assets are accounted for is important in protecting key organization assets. Often you are holding assets that will be passed on to others. Making sure you protect their identities and the terms of those business relationships is important IP for your organization.

  1. Monthly financial statements, including, but not limited to, any materials prepared for the Board of Directors and other senior executive staff.

If these reports get out, along with the accompanying descriptive information often provided to Board Members and other senior executive staff, many unintended consequences can happen. These reports often raise more questions than answers they provide and that creates distractions and takes resources away from other more valuable work that should be accomplished. 

  1. All internally developed source code and the techniques and processes embodied therein, including, but not limited to, original product, modifications to existing source codes for any information systems or, proprietary modifications to packaged applications, and all future internally developed source code not covered as a license from any party under a separate license agreement.

Software code developed by outside contractors for you often is only good for your application and internal business processes. But you must consider that the “hired gun” you brought in is the expert and their expertise cannot be constrained for your exclusive use. You may want to look at license agreements that give you “shop rights” for their work but do not and cannot restrict the use of the essential ideas to your software. Even in some cases, an internal employee may have ideas that go well beyond the organization. It could be possible to license these assets and if the company is dissolved allow those assets to revert to the original author. 

  1. Information provided to [ABC] from a third party under a non-disclosure agreement or licensed for limited or provisional use or access.

This area is one that is often thought to be benign and almost unimportant and overlooked. But in today’s complex supply chain environments, no organization is immune from the potential unintentional disclosures that happen because of others in the supply chain. Creating a policy of protection of not only your information but the information of others is an important part of daily business. Helping every employee understand what is appropriate disclosure is the first step in protecting this special class of IP. 

While this list might be thought of as exhaustive, it is only a guide for consideration. Every organization’s needs are different, as such their assets will be somewhat different and their disclosure risks change as well. It is good to remember that to protect an asset all those who are charged with that responsibility have to take those responsibilities seriously, meaning they are ever mindful of their fiduciary duty and responsibility to the organization they serve and to its relationships.

☐ ☐ ☐ END ☐ ☐ ☐ 

Used by Permission

The 867 Foundation, Inc. prepares this document for the use of its members as an educational resource. It does not constitute legal, or financial advice. Please consult your legal or financial advisors for your individual situation. 

© 2019-2022, 867 Foundation, Inc. All Rights Reserved.