Skip to main content
Resources

Minutes | Board Risk Committee (BRC) Meeting

BRC Attendees: Harald Alverstrand, Rafael Lito Ibarra (Chair), Merike Käo, Akinori Maemura, Kaveh Ranjbar, Nigel Roberts, and Matthew Shears

Other Board Member Attendees: Avri Doria, Manal Ismail, and Danko Jevtović

ICANN Organization Attendees: Xavier Calvez (SVP, Planning and Chief Financial Officer), Franco Carrasco (Board Operations Specialist), James Caulfield (Vice President, Risk Management), Elizabeth Le (Associate General Counsel), Ashwin Rangan (SVP, Engineering and Chief Information Officer), Lisa Saulino (Board Operations Specialist), and Amy Stathos (Deputy General Counsel)


The following is a summary of discussions, actions taken and actions identified:

  1. Annual Risk Register Update – The Committee received a briefing on the annual Risk Register refresh. The refresh asks the org functions to update thoroughly the risks related to their functions as well as consider any additional risks to be added to the risk register. The Committee discussed the results of the refresh and the updates to the Organization Risk Register resulting from the refresh. The Committee also reviewed the controls and mitigation in place for the updated risks.
  2. Organization Risk Register Update – Top Risks – The Committee reviewed and discussed the top risks on the Risk Register, noting that there are no changes to the top risks and some updates to controls. The Committee also reviewed the overall risk register in addition to the top risks. The Committee agreed that a column should be added to the Register that tracks whether the risks are identified in the ICANN Strategic Plan.
  3. Risk Management Communications Update – The Committee noted that the Risk Management Overview document has been reviewed by the Committee, Legal and Comms. The plan is to provide a public webinar to go over the document during the ICANN Annual General Meeting (ICANN 72) prep week. The document will be published on the ICANN website two weeks before the webinar.
  4. Risk Controls Assurance Update – The Committee received an update on risk controls assurance. The org's risk management function has been having assurance meetings with each of the org functions. The purpose of the meetings is to go over the function's risks and the associated controls, and to discuss the effectiveness of the controls.

The Chair then called the meeting to a close.

Published on 01 October 2021

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as""icann.org"" is not an IDN."