1.0 Membership. The Classified Business and Security Committee (the “CBS Committee”) shall consist of two (2) or more directors who possess the appropriate security clearance credentials, at least one of whom shall be a member of the Audit Committee, and all of whom are not officers or employees of the Corporation and are free from any relationship that, in the opinion of the Board of Directors, would interfere with the exercise of independent judgment as a member of the CBS Committee. The members of the CBS Committee shall be elected by the Board of Directors to serve at the pleasure of the Board of Directors. Upon recommendation of the Nominating and Corporate Governance Committee, the Board of Directors may remove any member of the CBS Committee at any time. Vacancies on the CBS Committee shall be filled by the Board of Directors.
2.0 Purpose. The purpose of the CBS Committee shall be to assist the Board of Directors in fulfilling its oversight responsibilities relating to the Corporation’s classified business activities and the security of personnel, data, and facilities.
3.0 Responsibilities. In order to achieve the purpose outlined in this charter, the CBS Committee shall:
3.1 review the strategic, operational and financial aspects of classified business with the Corporation’s management;
3.2 review the policies and practices with respect to risk assessment and risk management and the internal control environment in the area of classified business activities, including discussing with management any major financial risk exposures and the steps that have been taken to monitor and control such exposure, and in connection with such activities shall have access to the Corporation’s internal audit staff and independent auditors, as necessary;
3.3 review issues and procedures relating to the physical security of the Corporation’s facilities and employees and the security of classified cyber data and information maintained by the Corporation within the Corporation’s business or on behalf of its customers;
3.4 regularly review and assess the results of significant internal and external reviews, audits and inspections related to the security of personnel, data, and facilities; and
3.5 the CBS Committee shall annually conduct an evaluation of its performance.
4.0 Authorities. In furtherance of its responsibilities, the CBS Committee shall have the power to investigate any matter falling within its jurisdiction, and it shall also possess the following authorities:
4.1 Delegated Authority. The CBS Committee shall perform such other functions and exercise such other powers as may be delegated to it from time to time by the Board of Directors.
4.2 Subcommittees. The CBS Committee may delegate its authority to subcommittees (which may consist of one or more members of the CBS Committee) when it deems appropriate and in the best interest of the Corporation.
4.3 Reports to Board of Directors. The CBS Committee shall report to the Board of Directors following each meeting of the CBS Committee. Such reports to the Board of Directors will, if necessary, be general in nature due to the security requirements involved in discussing detailed business information.
4.4 Committee Charter. The CBS Committee shall review and recommend to the Board of Directors the adequacy of its charter and proposed changes from time to time as needed.
5.0 Procedures. The CBS Committee shall hold at least two (2) meeting per year and shall meet with management and separately in executive session without management. Minutes shall be maintained in accordance with the classified nature of the material.
6.0 Limitations Inherent in the CBS Committee’s Role. Although the CBS Committee has the power and responsibilities set forth in this charter, it is not the responsibility of the CBS Committee to plan or conduct audits or to determine that the Corporation’s financial statements, as they relate to classified business activities, security issues or security breaches, are complete and accurate and are in accordance with accounting principles generally accepted in the United States. It is recognized that certain programs may have special or compartmentalized access requirements, with limited availability to obtain such access. The Corporation will request such access from government security organizations for the CBS Committee as required to perform its duties; it is not the responsibility or obligation of the CBS Committee to routinely acquire and maintain continuous access to such programs.