Governance & Citizenship

Business people meeting

Committee Charter

Committee Members
John C. ("Chris") Inglis
Marvin R. Ellison
Susan Patricia (“Tricia”) Griffith
Kimberly A. Jabal
Joshua Cooper Ramo
Susan C. Schwab

Information Technology Oversight Committee Charter (94 KB PDF)

Information Technology Oversight Committee Charter

Purpose

The purpose of the Information Technology Oversight Committee is to:

  • Review major information technology ("IT")-related projects and technology architecture decisions;
  • Assess whether the Company's IT programs effectively support the Company's business objectives and strategies;
  • Assist Board oversight of cybersecurity risks and management efforts to monitor and mitigate those risks;
  • Advise the Company's senior IT management team; and
  • Advise the Board of Directors on IT-related matters.

back to top

Membership and Subcommittees

The Information Technology Oversight Committee shall consist of such number of members of the Board of Directors as shall be appointed by the Board from time to time, but in no event shall the Committee consist of fewer than three members. The Board of Directors shall designate the Chairperson of the Committee. The Board of Directors may change the membership of the Committee at any time.

Unless otherwise prohibited by the Company's Certificate of Incorporation or Bylaws, the Committee may form and delegate authority to any subcommittee as it deems appropriate or advisable.

back to top

Functions, Powers and Responsibilities

The Information Technology Oversight Committee shall:

IT Projects

  1. Review and discuss with management the financial, tactical and strategic benefits of proposed major IT-related projects and technology architecture alternatives.
  2. Review and discuss with management the progress of major IT-related projects and technology architecture decisions.
  3. Make recommendations to the Board of Directors with respect to IT-related projects and investments that require Board approval.

Cybersecurity

  1. Review and discuss with management and the Board of Directors (i) the Company’s cybersecurity risks and (ii) the steps management has taken to identify, assess and monitor those risks.
  2. Review and discuss with management (i) technologies, policies, processes and practices for managing and mitigating cybersecurity risks and (ii) the Company’s cyber-attack incident response and recovery plan.

IT Disaster Recovery

  1. Review and discuss with management the Company’s IT disaster recovery capabilities and contingency plans.

Internal Controls

  1. Review and discuss with management the quality and effectiveness of IT systems and processes that relate to or affect the Company's internal control systems.
  2. Review and discuss with management and the Board of Directors (i) the Company's IT-related compliance risks, including IT-related internal audits, and (ii) the steps management has taken to identify, assess, monitor, manage and mitigate those risks.
  3. Periodically report to and consult with the Audit Committee of the Board of Directors regarding IT systems and processes that relate to or affect the Company's internal control systems.

Advisory Role

  1. Advise the Company's senior IT management team.
  2. Stay informed of, assess and advise the Company's senior IT management team with respect to new technologies, applications and systems that relate to or affect the Company's IT strategy or programs.

Other

  1. Annually review the Committee's own performance and report the results of such review to the Board of Directors.
  2. Annually review and reassess the adequacy of this charter and recommend any proposed changes to the Board of Directors for approval.
  3. Report regularly to the Board of Directors on matters within the scope of the Committee, as well as any special issues that merit the attention of the Board.
  4. Perform such other duties as are necessary or appropriate to ensure that the Company's IT programs effectively support the Company's business objectives and strategies, or as the Board of Directors may from time to time direct.

Amended March 7, 2016

back to top

Latest Annual Report