Owner: CEO + General Counsel
Effective Date: June 13, 2026
Reviewed: Annually
Frameworks: SOC 2 CC1.2 (board independence) / GOV-1, GOV-2, GOV-4; ISO/IEC 27001:2022 cl. 5 (leadership); supports the Audit Committee Deferral Memo

Purpose

Neuroscale LLC is member-managed and has not constituted a board of directors. This charter documents the oversight function that, at Neuroscale’s current scale, performs the governance responsibilities a board and audit committee would hold — oversight of internal control and of cybersecurity and privacy risk — and the basis for its independence from management. It is the controlled record behind the Controls Inventory CC1.2 row; the board-charter, board-CV, and board-meeting Vanta document slots are evidenced separately by the Executive Management Ethical Survey 2026 per Advantage Partners’ no-board guidance.

Composition & independence

A formal board audit committee is deferred per the Audit Committee Deferral Memo. In its place, independent oversight is provided by:
  • The Chief Executive Officer, accountable for the control environment; and
  • VGC LLP (outside counsel) as the standing independent reviewer — independent of management’s day-to-day operation of controls — providing the objectivity an independent director would.
Where a matter implicates the CEO, CTO, or CISO, oversight routes to VGC independently (the same routing as the conflicted-whistleblower path). This compensating arrangement is reassessed as the company scales toward a formal board/audit committee.

Responsibilities

The oversight function:
  1. Oversees internal control over the security, availability, and confidentiality commitments — reviewing the Controls Inventory, control performance, and exceptions.
  2. Oversees cybersecurity and privacy risk — reviewing the risk register and the Annual Risk Assessment at least annually, with feedback and direction to management (GOV-1).
  3. Reviews ISMS/AIMS governance — receives the ISMS Management Review minutes and internal-audit reports (Internal Audit Procedure).
  4. Reviews breach determinations — independent review of incident breach-determinations per the Incident Response Policy.
  5. Oversees the whistleblower channel — receives the periodic report-volume summary and is the escalation path for reports implicating senior management (Whistleblower Policy).
  6. Reviews material governance changes — significant policy, structure, or commitment changes.

Cadence & records

  • At least annual governance review (GOV-4), plus quarterly review of the risk register and ISMS-MR minutes.
  • Each session produces minutes recording attendees, matters reviewed, decisions, and direction to management — stored in the Management Review minutes area and the SharePoint evidence library.
  • Independence basis and any conflicts are recorded per session.

Expertise

The oversight function maintains sufficient expertise to oversee the design and operation of information-security controls, engaging third-party security and legal experts (VGC; the pen-test vendor; the SOC 2 / ISO auditors) as needed (GOV-3).

Path to a formal board

As Neuroscale scales, a formal board with at least one independent director and a constituted audit committee will replace this compensating arrangement; this charter and the Audit Committee Deferral Memo will be superseded at that point.

Cross-references

Version history

VersionDateDescriptionAuthorApproved by
1.0June 13, 2026Initial board & independent oversight charter.Cameron WolfeIshan Jadhwani
1.1June 16, 2026Retitled “Independent Oversight Charter”; clarified that Neuroscale is member-managed with no board and that the board-document Vanta slots are evidenced by the Executive Management Ethical Survey. Oversight design unchanged.Cameron WolfeIshan Jadhwani