SSR1 Implementation – Risk Management

 

 

Briefing Date: 25 July 2017

Slides: SSR1 Risk Management Briefing

Meeting Transcript

Adobe Connect Replay

Grouping: Risk Management

#

Recommendation

25

ICANN should put into place mechanisms for identifying both near and longer-term risks and strategic factors in its Risk Management Framework.

26

ICANN should prioritize the timely completion of a Risk Management Framework.

27

ICANN’s Risk Management Framework should be comprehensive within the scope of its SSR remit and limited missions

 

Follow-Up Questions & Answers

25

Q: Since the publication of the SSR1 Final Report, what mechanisms have been put into place to incorporate near and long-term risks into a formal, strategic Risk Management Framework for ICANN?

25

Q: Since the Board approval of the 2014 Risk Management Framework provided by an external consultant, what further review, consultation or further work has been done on the approved Framework?

25

Q: Please provide evidence of briefings to the Board Risk Committee on the risk assessment and proposed mitigation measures, as per Board Resolution dated 21 November 2013 https://features.icann.org/dns-risk-management-framework-report-and-implementation?language=fr , and any follow up arising from such briefings.

25

Q: What efforts have been made since 2014 to demonstrate that ICANNs risk management framework follows the standards of transparency and community participation, required by the SSR1?

25

Q: Please clarify whether the portfolio of the new VP of Enterprise Risk Management extends into risks relating to ICANN's role with regard to the internet's set of unique identifiers, and future threats relating to unique identifiers?

25

Q: Is there a final DNS risk assessment document (the linked to document is labelled 'draft') https://www.icann.org/en/system/files/files/dns-risk-consultation-28may14-en.pdf , and have there been any updates since 2014?

27

Q: The staff report for implementation of SSR1’s Recommendations indicates that this Recommendation is complete. How did staff assess the “comprehensiveness” of the Risk Management Framework to come to this conclusion?

27

Q: Please provide details of how the risk management has been staffed since SSR1 recommendations have been adopted by the Board.