Committee and Working Group Charters

Charter for the Compensation Committee

(PDF Format)

1.0. Purpose

The ARIN Bylaws (including Article VI, Section 3) specifies the basic duties of the ARIN Compensation Committee. The Compensation Committee shall only be delegated the powers and authority, if any, from the Board as specified below or in the Bylaws; and for any other work or matters requested by the Board, the Compensation Committee will work to refer any actions or information for consideration by the Board.

2.0. Composition of the Committee

The Committee shall consist of Board Chairman along with two elected members of the Board. The Compensation Committee shall be composed of the Board Chairman, the Treasurer (provided he or she is a member of the Board, otherwise it shall be the Finance Committee Chair), and one additional member. The third Trustee shall be appointed to the Committee by the Board of Trustees at its first business meeting of the year. The remainder of the elected Board shall be welcome as non-voting participants in the activities of the Compensation Committee. The Chief Human Resources Officer shall serve in an advisory capacity to the Committee as well as the ARIN General Counsel when requested.

The duties of the Committee Chair include the following:

  • prepare for and facilitate committee meetings, including working with staff to shape meeting agendas,
  • able to run a meeting, to time, and bring a group to a consensus,
  • able to draw on colleagues’ skills and abilities,
  • able to deploy people management skills to handle different people and personalities, managing the strong versus the quiet, gathering input from all,
  • able to establish and maintain a good working relationship with the Board Chair,
  • act as subject matter expert and/or offer technical skills related to the committee’s mandate.

3.0. Scope of Responsibilities

The Compensation Committee shall be responsible for development and retention of ARIN’s President including the negotiation and presentation of the President’s contract and compensation package to the ARIN Board of Trustees for approval when necessary. Additionally, the Compensation Committee shall determine the President’s annual bonus within the Board approved bonus range. The employment contract shall set forth the compensation structure for the President and the terms and conditions of the President’s employment.

The Committee shall review and approve annual performance objectives for the President and shall annually review the President’s performance against such objectives as well as the reasonableness and appropriateness of his or her compensation and benefits in relation to the marketplace. The Committee may, as necessary, review and approve ARIN’s overall compensation philosophy and practices in light of industry standards.

At the end of each year, the Compensation Committee shall review its charter and its performance as a Board committee. Any recommendations from this review shall be reported to the full Board for their consideration. The Committee’s communications and deliberations shall be kept private and confidential.

4.0. Committee Logistics

The Committee will meet at least quarterly. With support from staff the Committee chair will develop an agenda in advance of each meeting.

Charter for the Finance Committee

(PDF Format)

1.0. Purpose

The Finance Committee is responsible for consulting with the President and CFO on the corporation’s financial policies and controls; for reviewing, making recommendations and ensuring the soundness of the corporation’s Investment Policy and its implementation; and for providing oversight of the financial audit process. The Finance Committee shall only be delegated the powers and authority, if any, from the Board as specified below; and for any other work or matters requested by the Board, the Finance Committee will work to refer any actions or information for consideration by the Board.

2.0. Composition of the Committee

The Committee shall consist of the Treasurer and three other members from the Board of Trustees. The Treasurer shall serve as the Committee Chair. The President shall serve as a non- voting ex-officio member of the Committee. The CFO and COO will serve as a committee- liaisons in an advisory capacity.

The expectations of the Committee Chair include the following:

  • prepare for and facilitate committee meetings, including working with staff to shape meeting agendas,
  • able to run a meeting, to time, and bring a group to a consensus,
  • able to draw on colleagues’ skills and abilities,
  • able to deploy people management skills to handle different people and personalities, managing the strong versus the quiet, gathering input from all,
  • able to establish and maintain a good working relationship with the Board Chair
  • act as subject matter expert and/or offer technical skills related to the committee’s mandate.

The Board of Trustees, at its first business meeting of each calendar year, shall appoint the Trustee representatives. Members may serve successive one-year terms as long as they are appointed to the Committee. Vacancies on the Committee during the term shall be filled in the same manner as the regular selection process.

When requested, the General Counsel will provide advice to the Finance Committee.

3.0. Scope of Responsibilities

The Committee has responsibilities in three overall areas: Finance, Investment, and Audit. The Committee shall report to the Board regarding actions taken in fulfilling these responsibilities.

At the end of each year, the Finance Committee shall review its charter and its performance as a Board committee. Any recommendations from this review shall be reported to the full Board for their consideration.

3.1. Financial Responsibilities

The Committee shall:

  1. Review, at least annually, ARIN’s fee structure and make recommendations to the Board on any fee changes, if necessary.
  2. Review ARIN draft budget materials and make recommendation to the Board for approval, as appropriate.
  3. Have the specific duty to review any unbudgeted financial support from ARIN for outside organizations.
  4. Have the specific duty to review any reported or potential discrepancies in ARIN’s tax compliance with regulatory authorities.
  5. Provide advice to the CEO regarding proposed changes to financial controls.
  6. Make recommendation to the Board of Trustees as needed for the placement of a line of credit or any other loans.
  7. Review the annual ARIN Tax Compliance Report.
  8. Review ARIN quarterly financial reports, and
  9. Review ARIN draft IRS Form 990.

3.2. Investment Responsibilities

The Committee shall:

  1. Make recommendations to Board as needed for hiring and firing of the investment consultant and, as necessary, the investment custodian.
  2. Oversee the work and assess the performance of investment consultants.
  3. Receive and review quarterly reports of investment plan performance.
  4. Review the Investment Policy Statement on an annual basis, and make recommendations to the Board of Trustees for changes as needed, including but not limited to:
    • New allocation of monies between the funds,
    • Change the percentages in the funds among the asset classes; and,
    • Direct changes to individual investments, as required.

3.3. Audit Responsibilities

The Committee shall:

  1. Hire and fire financial auditors.
  2. Review the financial auditor report.
  3. Receive copies of all correspondence between financial auditor and ARIN, directly from the auditor.
  4. Receive a copy of the financial auditor’s comments and adjustments, directly from the auditor.
  5. Meet with financial auditors directly.
  6. Present the financial audit report to the Board of Trustees, for their acceptance; and,
  7. Hire outside, independent experts for opinions on financial audits and ARIN’s books as needed.

3.4. Reporting Responsibilities

The Committee shall:

  1. Report at least quarterly to the board about committee activities, issues, and related recommendations.
  2. Review any other report ARIN issues that relate to the committee responsibilities.

4.0. Committee Logistics

The Committee will meet at least quarterly. With support from staff the Committee chair will develop an agenda in advance of each meeting. The meeting minutes will include an attendance record and a report of Committee discussions with documented recommendations and decisions.

These minutes will be completed, reviewed, and posted no more than three weeks following the meeting. All committee minutes, to the extent not confidential, will be made available to all Board members.

Charter for the Mailing List Acceptable Use Policy (“AUP Committee”)

(PDF Format)

1.0. Purpose

The Advisory Committee to the President on the Mailing List Acceptable Use Policy is responsible for reviewing alleged AUP violations and advising the President on proposed courses of action to ensure the decisions are sound and consistent with described procedures. The AUP Committee shall only be delegated the powers and authority, if any, from the Board as specified below; and for any other work or matters requested by the Board, the AUP Committee will work to refer any actions or information for consideration by the Board.

2.0. Composition of the Committee

ARIN General Counsel shall serve in an advisory capacity to the Committee. The Committee shall be composed of the following members:

  1. One elected member from the ARIN Board of Trustees. The Trustee Representative shall be appointed by the Board of Trustees at its first business meeting of the year.
  2. One member of the ARIN Advisory Council (AC). The AC Representative shall be appointed by the ARIN Board of Trustees.
  3. One member in good standing from the ARIN General Membership. The General Member Representative shall be appointed by the Board. If needed, a volunteer pool may be compiled by ARIN Staff following a general call for volunteers to the appropriate ARIN mailing list(s) and confirmation of the Member’s eligibility.

The duties of the Committee Chair include the following:

  • prepare for and facilitate committee meetings, including working with staff to shape meeting agendas,
  • able to run a meeting, to time, and bring a group to a consensus,
  • able to draw on colleagues’ skills and abilities,
  • able to deploy people management skills to handle different people and personalities, managing the strong versus the quiet, gathering input from all,
  • able to establish and maintain a good working relationship with the Board Chair,
  • act as subject matter expert and/or offer technical skills related to the committee’s mandate.

The Trustee representative shall chair the meetings. Members may serve successive one-year terms as long as they continue to meet the selection criteria. Vacancies on the Committee during the term shall be filled in the same manner as the regular selection process.

3.0. Scope of Responsibilities

Whenever possible, the President of ARIN shall consult with the Committee prior to taking action pursuant to the Mailing List AUP. The President shall notify the Committee of actions taken in exigent circumstances without Committee consultation. The Committee shall advise the President of its determination regarding alleged AUP violations and any sanction recommendations in light of the policy and/or enforcement procedures. The Committee may recommend changes to the policy and/or enforcement procedures as the Committee feels are needed.

All Committee communication shall be kept private. The Committee shall promptly make its recommendations to the President. Any Committee member may also submit advice to the President individually.

4.0. Committee Logistics

The Committee will meet as needed. With support from staff the Committee chair will develop an agenda in advance of each meeting. The meeting minutes will include an attendance record and a report of Committee discussions with documented recommendations, and decisions. These minutes will be completed, reviewed, and posted no more than three weeks following the meeting.

Charter for the 2023 Nomination Committee (NomCom)

1.0. Purpose

The ARIN Nomination Committee (NomCom) is responsible for identifying, recruiting, verifying eligibility, and classifying nominees standing for election to the ARIN Board of Trustees (Board) and Advisory Council (AC), in accordance with the Bylaws, and as described in the Election Processes document that NomCom shall maintain and update from time to time, and that the Board shall have approved as specified in the Bylaws, Artivle VIII, Section 1(c). The Nomination Committee is a standing committee of the Board, as specified in the Bylaws, Article VI, Section 3(a). The President is not a member of NomCom.

2.0. Composition, Selection, and Term of the Committee

2.1 The NomCom shall be composed of members as specified below:

  1. The NomCom shall include two members from the ARIN Board of Trustees, appointed by the Board as vacancies arise, which should ordinarily be annual. One of the Board members shall be appointed Chair of the NomCom. The Board may make Trustee appointments to this committee whenever necessary to fill vacancies.
  2. The NomCom shall include five individuals recognized as representatives from the ARIN community who shall be appointed for two-year terms by the NomCom members specified in 2.1.a. For the purposes of representation and experience, the five (5) community members of the NomCom may be accepted from the following:
    1. at least one (1), but no more than two (2) currently serving Advisory Council members
    2. recognized representatives of ARIN General Members.
  3. The terms of these community representatives will be staggered. All must complete training, such as anti-harassment training, similar to that required of Board and AC members.
  4. No person may serve as a member of the NomCom and be a nominee or candidate for election in the same year, nor serve as a member of the NomCom for more than four years without an intervening two-year period away from NomCom.

2.2 The NomCom shall preserve the confidentiality of its recruitment discussions. All NomCom members who are not Board members shall enter into non-disclosure and conflict of interest agreements satisfactory to the Board as a condition of serving.

2.3 The primary work of the NomCom for each election cycle concludes upon publication of the initial slates of candidates; however, supplemental work of the NomCom concludes when, after the election results are announced, the NomCom has reviewed, collected, and collated feedback from its members on the Committee’s governing documents, process, and performance, as internal notes; and finalizes a written report of recommendations to the full Board for consideration.

2.4 All unpublished personal data (including, for certainty, pseudonymous data) relating to nominees, whether or not carried forward as candidates, will be destroyed after the election cycle for which the personal data was collected. Other information, including feedback, recommendations, and lessons learned about the nominations process, shall be retained.

3.0. Assistance to the NomCom

The NomCom identifies, recruits, qualifies, and classifies each nominee’s qualifications for serving on The NomCom should make good use of the assistance available to it in undertaking its responsibilities.

3.1 Staff Assistance

The NomCom may work with an ARIN staff member assigned to provide reasonable administrative support. Its Chair may, with the concurrence of at least one other NomCom member, direct a request to ARIN’s legal counsel.

3.2 Board and AC Guidance

To assist the NomCom in carrying out its duties, the Board and AC are each expected to provide annually the written guidance referred to in section 4.2 of this Charter. That guidance outlines the skills and experience that the Board and AC (a) feel would assist in their effective functioning, and (b) having regard for the skills and experience not well accounted for on the Board and AC, including the skills and experience of members whose terms are expiring. These attributes are expected to be identified and classified in the guidance as “Highly Recommended" and “Recommended”, and the guidance published on the ARIN website in a timely manner.

4.0. Scope of Responsibilities

The NomCom identifies and recruits nominees for serving on either the ARIN Board of Trustees or the Advisory Council. ARIN staff will engage a third-party vendor firm who will have the sole responsibility to qualify and classify each nominee as a key component to the overall nomination process.

4.1 Nominee Promotion and Recruitment

NomCom shall undertake such promotion and recruitment activities so that, by Bylaws Article VIII, Section 2

  1. the number of candidates on the initial Board of Trustees election slate exceeds the number of open positions by at least one (1) candidate. The Board election slate shall include a minimum of one (1) non-incumbent candidate; and
  2. the number of candidates on the initial Advisory Council election slate shall exceed the number of open positions by at least one (1) candidate. The Advisory Council election slate shall include a minimum of one (1) non-incumbent candidate.

At the conclusion of the call for nominations, ARIN staff will publish on its website a list of the nominees who have duly completed the nomination submission process.

4.2. Nominee Classification Process

The third-party vendor firm shall classify each nominee as indicated below, guided by the Bylaws and Election Processes.

  1. The third-party vendor firm shall classify each nominee as indicated below, guided by the Bylaws and Election Processes.
    1. The third-party vendor firm reviews and finalizes questionnaires, to be used in qualifying and classifying nominees, that shall address the attributes that the most recent annual Board and AC guidance, as appropriate, has defined as “Highly Recommended” and “Recommended”.
    2. The third-party vendor firm shall perform background checks of Board nominees’ qualifications using public sources and third-party services, always in confidence. The third-party vendor firm shall review any material issues raised by these background checks with ARIN’s General Counsel (GC) and Chief Human Resources Officer (CHRO).
    3. Nominees for the Board of Trustees shall be afforded the opportunity to be interviewed by the third-party vendor firm which will constitute and material component to a nominee’s classification.
  2. The third-party vendor firm shall determine whether each nominee is eligible to be considered in the evaluation process, and be included in the initial slate of candidates, as required by ARIN Bylaws Articles VI(1)(d-e) (Trustee Conflict of Interest and Eligibility), VI(4)(a) (Limit on Terms of Office), VIII(1)(b-c) (Nomination and Appointment Conflict of Interest; Procedure Approval and Publications), and VIII(2)(a) (Nomination Committee).
  3. The third-party vendor firm shall classify each eligible nominee as “Well Qualified,” “Qualified”, “Qualifications not Demonstrated”, or “Unable to Qualify”, having regard for the following guidance.
    1. A nominee that is “Qualified” will have:
      1. met the requisite number of “Highly Recommended” attributes and of “Recommended” attributes, and all of the mandatory attributes, specified in guidance to NomCom by the Board or by the AC as applicable;
      2. demonstrated, to the third-party vendor firm’s satisfaction, that they can perform all the duties and responsibilities required; and
      3. demonstrated that they meet the very highest standards of integrity and professional competence.
    2. The rating of “Well Qualified” is reserved for those nominee’s whose qualifications merit the third-party vendor firm’s strongest endorsement. A nominee that is “Well Qualified” will have:
      1. met all the requirements of “Qualified”;
      2. met the higher requisite number of “Highly Recommended” attributes and of “Recommended” attributes, and all of the mandatory attributes, specified in guidance to NomCom by the Board or by the AC as applicable; and
      3. evidenced outstanding qualifications in respect of the specified attributes, to which they bring breadth of experience.
    3. Where the third-party vendor firm’s determination is that a nominee’s materials do not demonstrate they have met the requirements needed to be “Qualified”, the third-party vendor firm will make a classification of “Qualifications Not Demonstrated”.
    4. A nominee will be classified as “Unable to Qualify” if, notwithstanding any of the above:
      1. they are in an irresolvable conflict of interest position or have, within the preceding five years, materially violated an applicable ARIN code of conduct in a manner that has caused material harm.
      2. their application materials make a material misrepresentation (for instance, falsified their educational background, or materially misstated their professional experience), whether by way of statement or omission, or are otherwise participating in the elections process in bad faith;
      3. they were convicted of a relevant criminal offense for which they have not been pardoned—or, within the past 10 years, been denied directors’ liability insurance or found wholly or partly liable by an independent authority for a relevant non-criminal offense;
      4. they have served as a past director or officer of an organization during a period in which the organization’s eligibility to operate was revoked by a governmental authority for breach of requirements;
      5. their participation on ARIN’s Board or AC would manifestly bring the organization into disrepute; or
      6. such other valid unusual grounds for disqualification that the third-party vendor firm deems appropriate.
  4. All eligible nominees not classified as “Unable to Qualify” shall be added to the initial slate as candidates for election.
  5. When the initial slates are announced, the following shall be published:
    1. the Board and AC guidance, as set out in section 4.0 below, and related requirements matrices;
    2. the responses to questionnaires of each nominee included in the slates as a candidate; and
    3. the total number of nominees assessed for the election cycle.

4.3 Election Slate Presentation

Based on all relevant information gathered in the evaluation process, the NomCom shall provide a list of the initial slate of nominees eligible for the Board of Trustees and Advisory Council elections to the following ARIN staff: any staff directly supporting the NomCom; the General Counsel; and the Chief Customer Officer. The NomCom’s list shall include the third-party vendor firm’s classification of each nominee, as-is and without modification, and certify that these initial election slates were developed in accordance with this charter, the Bylaws, and the ARIN Election Processes. ARIN staff has the responsibility of forwarding the initial election slates to the ARIN Board Election Officer and ARIN’s President and CEO.

4.4 Petitions

Nominees classified as “Unable to Qualify” may petition to be included on the final slate of Candidates for the body for which they were nominated. The NomCom response to an “Intent to Petition Submission” will include notice to the nominee, issued with consultation with the ARIN GC, that a summary of the assessment of the nominee’s qualifications, including the general reason for the nominee’s classification as “Unable to Qualify”, will be included with the notice of the Petition to the ARIN Membership. In such a case the Nominee’s classification will remain unchanged.

Charter for the Governance Committee

(PDF Format)

1.0 Purpose

The Governance Committee is established to advance the ARIN Board’s effectiveness and continuing development efforts. The Governance Committee shall only be delegated the powers and authority, if any, from the Board as specified below; and for any other work or matters requested by the Board, the Governance Committee will work to refer any actions or information for consideration by the Board.

2.0. Composition of the Committee

The Committee shall consist of three elected members from the Board of Trustees, with one appointed as the Committee Chair. Alternatively, two members from the Board of Trustees may serve as Committee Co-Chairs. The President shall serve as a non-voting, ex-officio member of the Committee.

The duties of the Committee Chair include the following:

  • prepare for and facilitate committee meetings, including working with staff to shape meeting agendas,
  • able to run a meeting, to time, and bring a group to a consensus,
  • able to draw on colleagues’ skills and abilities,
  • able to deploy people management skills to handle different people and personalities,
  • managing the strong versus the quiet, gathering input from all,
  • able to establish and maintain a good working relationship with the Board Chair,
  • act as subject matter expert and/or offer technical skills related to the committee’s mandate.

The Board of Trustees, at its first business meeting of each calendar year, shall appoint the members of the Committee. Members may serve successive one-year terms if they continue to meet the selection criteria. Vacancies on the Committee during a term shall be filled in the same manner as the regular selection process.

When requested, the General Counsel provides advice to the Governance Committee.

3.0. Scope of Responsibilities

The Committee has responsibilities in two overall areas: (1) Board Effectiveness and (2) Board Development. The Committee shall periodically report to the Board those recommendations that result from fulfilling these responsibilities.

At the end of each year, the Governance Committee shall review its Charter and its performance as a Board committee. Any recommendations from this review shall be reported to the Board for their consideration.

3.1 Board Effectiveness Responsibilities

The Committee should:

  1. Periodically review ARIN Board of Trustee procedures and recommend to the Board policies and processes designed to provide for effective and efficient governance,
  2. Review and recommend any changes to ARIN’s governance mechanisms that are referred to the Committee by the Board,
  3. Periodically review ARIN’s Board committee structure, including responsibilities and composition, and recommend changes as needed to the Board,
  4. Periodically review and recommend changes to position descriptions that detail the responsibilities of, and expectations for, Trustees, Officers, and Committee Chairs,
  5. Periodically review the Board’s ethics and code of conduct program to uphold the highest fiduciary standards,
  6. Annually review the ARIN Election Process,
  7. Annually review the ARIN Board Code of Conduct document.

3.2 Board Development Responsibilities

The Committee should:

  1. Develop and implement a comprehensive Board development plan, which includes methods and tools for orienting, training, educating, and evaluating diverse, skilled, and knowledgeable Board members.
  2. Ensure maintenance of a current skills matrix to inform development requirements.
  3. With input from the Board, annually develop a list of selection criteria and competencies needed on the Board. Such criteria shall include the possession of knowledge, experience, skills, expertise, and diversity which enhance the Board’s ability to manage and direct the affairs and business of ARIN, including the ability of committees to fulfill their duties.
  4. Engage in succession planning for the Board and key leadership roles on the Board and its committees.
  5. Establish a timeline and process for regular review and assessment of the performance of elected Trustees per established position descriptions.
  6. At least every two years conduct a Board self-evaluation to measure the Board’s effectiveness and to identify areas for improvement and present the evaluation results and recommendations to the Board.

3.3 Reporting Responsibilities

The Committee shall:

  1. Report at least quarterly to the board about committee activities, issues, and related recommendations.
  2. Review any other reports ARIN issues that relate to committee responsibilities.

4.0 Committee Logistics

The Committee will meet at least quarterly. With support from staff the Committee chair will develop an agenda in advance of each meeting. Meeting minutes will include an attendance record and a report of Committee discussions with documented actions, recommendations, and decisions. These minutes will be completed, reviewed, and posted no more than three weeks following the meeting.

Charter for the Risk & Cybersecurity Committee

(PDF Format)

1.0. Purpose

The Risk & Cybersecurity Committee is established to assist the ARIN Board in fulfilling its oversight responsibilities by working with ARIN Management to review, and report to the Board on, organizational risk issues and cybersecurity risks and mitigation steps. The Committee shall only be delegated the powers and authority, if any, from the Board as specified below; and for any other work or matters requested by the Board, the Committee will work to refer any actions or information for consideration by the Board.

2.0. Composition of the Committee

The Committee shall include three elected members from the Board of Trustees, with one appointed as the Committee Chair. The senior-most ARIN employee responsible for day-to-day risk assessment, mitigation, and governance (if not a Committee member) and for information security, respectively, will serve as committee liaisons in an advisory capacity, and the General Counsel shall act in an advisory capacity upon the Committee’s request.

The duties of the Committee Chair include the following:

  • prepare for and facilitate committee meetings, including working with staff to shape meeting agendas,
  • able to run a meeting, to time, and bring a group to a consensus,
  • able to draw on colleagues’ skills and abilities,
  • able to deploy people management skills to handle different people and personalities, managing the strong versus the quiet, gathering input from all,
  • able to establish and maintain a good working relationship with the Board Chair,
  • act as subject matter expert and/or offer technical skills related to the committee’s mandate.

The Board of Trustees, at its first business meeting of each calendar year, shall appoint the members of the Committee. Members may serve successive one-year terms if they continue to meet the selection criteria. Vacancies on the Committee during a term shall be filled in the same manner as the regular selection process.

3.0. Scope of Responsibilities

The Committee has responsibilities in two overall areas: Risk Identification and Assessment; and Cybersecurity. The Committee shall periodically report to the Board those observations and recommendations, including recommendations relating to mitigation, that result from fulfilling these responsibilities. It may also hire outside, independent experts for opinions on ARIN’s risks as needed.

At the end of each year, the Risk & Cybersecurity Committee shall review its Charter and its performance as a Board committee. Any recommendations from this review shall be reported to the Board of Trustees for consideration.

3.1. General Responsibilities

The Committee shall:

  1. Oversee the identification, assessment, and presence of appropriate mitigation approaches for strategic risks (including emerging risks presented by economic, societal, environmental, regulatory, geo-political, and competitive landscapes, and the business requirements arising from such emerging risks) by engaging management in an ongoing risk tolerance dialogue as conditions and circumstances change and new requirements arise.
  2. Providing oversight of any risk tolerance statement adopted by ARIN, including the assessment of business performance within the parameters of such a statement.
  3. Institute and oversee special investigations as needed and receive reports on emerging statutory obligations, litigation activity, and any instances of fraud.
  4. Review ARIN’s director and officer insurance program to ensure appropriate coverage and that all insurance terms and conditions are being met.
  5. Perform other activities related to this charter as requested by the board.

3.2. Risk Management and Assessment Responsibilities

  1. Review the ARIN Risk Register quarterly and make recommendations as appropriate to the Board of Trustees for improvements to risk mitigation.
  2. In the first half of each year, review ARIN’s overall long-term risk profile and report to the Board of Trustees on any recommended changes to ARIN’s strategic direction to better position the organization to mitigate future risk.
  3. Provide oversight of board-level incident response exercises.

3.3. Cybersecurity Responsibilities

The Committee shall:

  1. Review ARIN Management’s report on ARIN’s Cyber insurance policies to ensure appropriate coverage and that all insurance terms and conditions are being met.
  2. Provide a cybersecurity risk assessment report to the Board that reviews ARIN’s cybersecurity systems and processes, including external compliance standards and audit processes.
  3. Review ARIN’s cybersecurity and other information technology (IT) risks, controls, and procedures, including high-level reviews of:
    • the threat landscape facing ARIN and ARIN’s strategy to mitigate cybersecurity risks and potential breaches.
    • data governance and privacy policies,
    • incident response and disaster recovery readiness,
    • compliance and audits,
    • disclosure and reporting requirements and practices.

3.4 Reporting Responsibilities

The Committee shall:

  1. Report at least quarterly to the board about committee activities, issues, and related recommendations including a formal summary review of the Risk Register,
  2. Report annually to the board, the reports identified in sections 3.2 (long-term risk profile) and 3.3 (cybersecurity risk assessment report) herein.
  3. Review any other reports ARIN issues that relate to committee responsibilities.

4.0 Committee Logistics

The Committee will meet at least quarterly. With support from staff the Committee chair will develop an agenda in advance of each meeting. The meeting minutes will include an attendance record and a report of Committee discussions with documented recommendations and decisions. These minutes will be completed, reviewed, and posted no more than three weeks following the meeting.