ISC2 Risk Committee

Committee Charter

Committee Members

• Chair: Samara Moore, CISSP
• Members:
  • Edward Farrell, CISSP, SSCP
  • Laurie-Anne Bourdain, CISSP
  • May Brooks-Kempler, CISSP, HCISPP
  • Judith Sarjeant, CISSP
  • Shannon Brewster, CISSP
  • Daisy Radford, CISSP

The ISC2 Risk Committee assists with oversight of the association’s risk management tolerances, policies, and high/critical enterprise risks. The committee’s objectives are to assist the Board of Directors in meeting ISC2 governance obligations, specifically with response to its oversight of ISC2 management of its business risks.  

In carrying out its responsibilities, the Risk Committee shall: 

1. Review overall risk tolerances and appetites and recommend to Board for approval and periodic updates. 
2. Ensure the assessment of enterprise risks via regular updates.  
3. Monitor the management of High risks to ensure that appropriate controls are in place.  
4. Approve major decisions, considering ISC2 risk profile or exposure.  
5. Oversee the internal audit function, including annual review of the internal audit charter and approval of the annual internal audit plan. 
6. Make recommendations to the Board on all or any of the above matters, and other functions as the Board may assign to the Committee from time to time.