Minutes – Board Risk Committee (BRC) Meeting 24 August 2010

BRC Attendees: Bruce Tonkin – Chair; Steve Crocker, Rajasekhar Ramaraj, Mike Silber, and Suzanne Woolf

Invited Board Attendee: Katim Touray

Staff Attendees: John Jeffrey – General Counsel and Secretary; Kurt Pritz – Senior Vice President, Services; Patrick Jones, Michael Salazar, Diane Schroeder and Amy Stathos


The following is a summary of discussions, actions taken and actions identified:

  1. Reviewed and approved minutes from previous BRC meeting.

  2. Received update from staff on action items identified at previous BRC meeting. Staff confirmed work on each action item, including work on formation of the Risk Oversight Management Team and completion of the Enterprise Risk Management Guidelines, as well as coordination of outreach to the Numbers Resource Organization on IPv4 depletion issues, continuing work on risk areas related to the Affirmation of Commitments.

    1. New and Continued Actions:

      1. Staff to coordinate initial meeting of the ROMT to confirm inclusion of reporting thresholds in the team’s processes.

      2. Staff to provide BRC with report on discussions that occurred regarding IPv4 depletion issues, including at the recent IETF meeting.

      3. BRC chair to contact staff coordinating reviews related to the Affirmation of Commitments to provide further guidance on the types of risk identification that will be helpful to the BRC.

  3. Staff provided updated report on project-level risk management within the New gTLD program and risks identified within the program, with mitigation efforts also identified.

    1. Actions:

      1. After the New gTLD program is launched, staff to provide periodic status reports to the BRC regarding the assessment of actual performance measured against the assessed risks.

      2. Staff to address feasibility of adding further mitigation measures into the implementation process to address BRC members concerns, including registry failure issues, process for approval of registry agreements, and assuring direct communication with root operators.

      3. Staff developing testing plans with identified service providers for the New gTLD program to confirm proper implementation.

  4. Staff provided brief presentation on the proposed BRC workplan. BRC Chair confirmed that the next BRC meeting would be in October 2010.

    1. Action:

      1. BRC members to review and provide comments to workplan via email.