Skip to main content

Risk Committee Charter | As approved by the ICANN Board of Directors on 2 November 2017

  1. Purpose

    The Process and Systems Risk Committee of the ICANN Board is responsible for the assessment and oversight of policies implemented by ICANN designed to manage ICANN's risk profile, including the establishment and implementation of standards, controls, limits and guidelines related to risk assessment and risk management, including but not limited to financial, technical, legal and operational risks and other risks concerning ICANN's reputation and ethical standards.

  2. Scope of Responsibilities

    The following responsibilities are set forth as a guide for fulfilling the Committee's purposes. The Committee is authorized to carry out these activities and other actions reasonably related to the Committee's purposes as may be assigned by the Board from time to time:

    1. Oversight of risk management for ICANN as an organization, including the following activities:
      1. Reviewing and advising on ICANN policies, plans and programs relating to risk management;
      2. Monitoring the effectiveness of risk management programs, including operational risk management and controls;
      3. Oversight of the significant non-financial risk exposure for ICANN and steps taken to monitor and control such exposure;
      4. Staying informed on ICANN conditions and gaining familiarity with ICANN processes in order to identify potential future risks and advise on plans for addressing these risks as appropriate; and
      5. Reviewing other areas of risk concentration as appropriate, including coordinating with other committees of the Board which review risk, as well risks identified arising from the work of the ICANN community.
    2. Oversight of operational activities including reviewing information and monitoring the effectiveness of the management of operational activities such as:
      1. The effectiveness of the technology utilized by ICANN;
      2. The adequacy of ICANN's business continuity policies; and
      3. Addressing changes in the business environment that may be material to ICANN operations.
    3. Informing and advising the Board on the outcomes of these oversight areas, the Committee recommendations and assessment of those outcomes, if any, as well as other reporting deemed appropriate by the Committee.
  3. Composition

    The Committee shall be comprised of at least three but not more than seven Board members, as determined and appointed annually by the Board, each of whom shall comply with the Conflicts of Interest Policy. The voting Directors on the Committee shall be the voting members of the Committee, and the majorit of the Committee members must be voting Directors. The members of the Committee shall serve at the discretion of the Board.

    The Committee shall have a Chair and may have a co-Chair or vice-Chair. Unless a Committee Chair/co-Chair/vice-Chair is appointed by the full Board, the members of the Committee may designate its Chair/co-Chair/vice-Chair from among the members of the Committee by majority vote of the full Committee membership.

    The Committee may choose to organize itself into subcommittees to facilitate the accomplishment of its work. The Committee may seek approval and budget from the Board for the appointment of consultants and advisers to assist in its work as deemed necessary, and such appointees may attend the relevant parts of the Committee meetings.

  4. Meetings

    1. Regularly Scheduled Meetings.

      The Committee shall meet at least three times per year, or more frequently as it deems necessary to carry out its responsibilities. The schedule of these meetings will be established at the beginning of the calendar year. The Committee's meetings may be held by telephone and/or other remote meeting technologies. Regularly scheduled meetings shall be noticed at least one week in advance, unless impracticable, in which case the notice shall be as soon as practicable.

    2. Special/Extraordinary Meetings.

      Special/Extraordinary meetings may be called upon no less than forty-eight (48) hours notice by either (i) the Chair of the Committee or (ii) any two members of the Committee acting together. The purpose of the meeting must be included with the call for the meeting.

    3. Action Without a Meeting

      1. Making a Motion:

        The Committee may take an action without a meeting for an individual item by using electronic means such as email. An action without a meeting shall only be taken if a motion is proposed by a member of the Committee, and seconded by another voting member of the Committee. All voting members of the Committee must vote electronically and in favor of the motion for it to be considered approved. The members proposing and seconding the motion will be assumed to have voted in the affirmative. The action without a meeting and its results will be noted in the next regularly scheduled Committee meeting and will be included in the minutes of that meeting.

      2. Timing:

        1. Any motion for an action without a meeting must be seconded by another Committee member within 48 hours of its proposal.
        2. The period of voting on any motion for an action without a meeting will be seven days unless the Chair changes that time period. However, the period must be a minimum of two days and a maximum of seven days.
  5. Voting and Quorum

    A majority of the voting members shall constitute a quorum. Voting on Committee matters shall be on a one vote per member basis. When a quorum is present, the vote of a majority of the voting Committee members present shall constitute the action or decision of the Committee.

  6. Recording of Proceedings

    A preliminary report with respect to actions taken at each meeting (telephonic or in-person) of the Committee shall be recorded and distributed to committee members within two working days, and meeting minutes shall be posted promptly following approval by the Committee.

    An report of the activities of the Committee shall be prepared and published semiannually.

  7. Succession Plan

    The Board Risk Committee shall maintain a succession plan for the Committee which includes identifying competencies and personal characteristics required to meet the leadership needs of the Committee.  The Committee shall annually review the succession plan to ensure that it meets the needs of the Committee.

  8. Review

    The performance of the Committee shall be reviewed annually and informally by the Board Governance Committee. The Board Governance Committee shall recommend to the full Board changes in membership, procedures, or responsibilities and authorities of the Committee if and when deemed appropriate. Performance of the Committee shall also be formally reviewed as part of the periodic independent review of the Board and its Committees.

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."