Skip to main content

Audit Committee (AC) Meeting Minutes

AC Attendees: Bill Graham, Olga Madruga-Forti, Erika Mann – Chair, Gonzalo Navarro, and Judith Duavit Vazquez

Other Board Attendees: Steve Crocker, Bertrand de La Chapelle, Bruce Tonkin

Staff Attendees: Susanna Bennett – Chief Operating Officer, Xavier Calvez – Chief Financial Officer, John Jeffrey – General Counsel and Secretary, Megan Bishop, Michelle Bright, Elizabeth Le, and Amy Stathos

The following is a summary of discussion, actions taken and actions identified:

  1. Auditors – FY14: The AC previously agreed that ICANN will switch auditors in FY14 to engage a larger auditing firm that can accommodate the growth of the organization. Staff provided the AC an action plan for this selection and engagement process. Staff proposed that a competitive bid RFP process be launched in September 2013 after the current auditors (Moss Adams) have closed the FY13 audit, and that the selection and engagement process of the new auditors will be completed by 31 December 2013. Moss Adams will perform the interim FY14 audit in April-May 2014. The final FY14 audit will be conducted by the new auditors in August 2014. The BAC discussed the industry standards and best practices for changing auditors and noted that it has complied with these standards.

  2. Process documentation status – The AC discussed the status of the on-going documentation of ICANN's finance process. The AC has previously determined that while there is no legal requirement that ICANN document its finance process, it should nevertheless undergo process documentation for best practices and transparency purposes. The AC agreed that the format should be largely consistent with the standards of the Sarbanes-Oxley Act and international standards, and should include narrative, flowchart, key controls, and segregation of duties. Staff provided an update on the processes that have been documented and the additional processes that will be documented by 31 December 2013. Thereafter, there will be improvements on the processes that have been documented. The documentation of the process for operations will be segregated from the documentation process for the New gTLD Program.

  3. Audit Committee Scope – The AC discussed the scope and function of the Committee, and its relationship with compliance and risk management audits. The AC agreed that the scope of the Committee should remain focused on the financial aspects of audits and not address risk or organizational compliance audits. The AC agreed that risk audits should be addressed by the Risk Committee. The AC decided to continue the AC framework discussion to the Board workshop in September 2013 and that a paper regarding the proposed framework will be circulated prior to the workshop.

  4. Audit Entrance Meeting – Staff advised that Moss Adams will conduct a feed back presentation on the FY13 audit at the September 2013 Board workshop

Published on 20 June 2014

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."