Owner: CEO + General Counsel
Effective Date: June 13, 2026
Reviewed: Annually
Frameworks: SOC 2 CC1.2 (board independence) / GOV-1, GOV-2, GOV-4; ISO/IEC 27001:2022 cl. 5 (leadership); supports the Audit Committee Deferral Memo
Effective Date: June 13, 2026
Reviewed: Annually
Frameworks: SOC 2 CC1.2 (board independence) / GOV-1, GOV-2, GOV-4; ISO/IEC 27001:2022 cl. 5 (leadership); supports the Audit Committee Deferral Memo
Purpose
Neuroscale LLC is member-managed and has not constituted a board of directors. This charter documents the oversight function that, at Neuroscale’s current scale, performs the governance responsibilities a board and audit committee would hold — oversight of internal control and of cybersecurity and privacy risk — and the basis for its independence from management. It is the controlled record behind the Controls Inventory CC1.2 row; the board-charter, board-CV, and board-meeting Vanta document slots are evidenced separately by the Executive Management Ethical Survey 2026 per Advantage Partners’ no-board guidance.Composition & independence
A formal board audit committee is deferred per the Audit Committee Deferral Memo. In its place, independent oversight is provided by:- The Chief Executive Officer, accountable for the control environment; and
- VGC LLP (outside counsel) as the standing independent reviewer — independent of management’s day-to-day operation of controls — providing the objectivity an independent director would.
Responsibilities
The oversight function:- Oversees internal control over the security, availability, and confidentiality commitments — reviewing the Controls Inventory, control performance, and exceptions.
- Oversees cybersecurity and privacy risk — reviewing the risk register and the Annual Risk Assessment at least annually, with feedback and direction to management (GOV-1).
- Reviews ISMS/AIMS governance — receives the ISMS Management Review minutes and internal-audit reports (Internal Audit Procedure).
- Reviews breach determinations — independent review of incident breach-determinations per the Incident Response Policy.
- Oversees the whistleblower channel — receives the periodic report-volume summary and is the escalation path for reports implicating senior management (Whistleblower Policy).
- Reviews material governance changes — significant policy, structure, or commitment changes.
Cadence & records
- At least annual governance review (GOV-4), plus quarterly review of the risk register and ISMS-MR minutes.
- Each session produces minutes recording attendees, matters reviewed, decisions, and direction to management — stored in the Management Review minutes area and the SharePoint evidence library.
- Independence basis and any conflicts are recorded per session.
Expertise
The oversight function maintains sufficient expertise to oversee the design and operation of information-security controls, engaging third-party security and legal experts (VGC; the pen-test vendor; the SOC 2 / ISO auditors) as needed (GOV-3).Path to a formal board
As Neuroscale scales, a formal board with at least one independent director and a constituted audit committee will replace this compensating arrangement; this charter and the Audit Committee Deferral Memo will be superseded at that point.Cross-references
- Audit Committee Deferral Memo 2026
- Roles & Responsibilities → Governance bodies
- Controls Inventory (CC1.2) · ISMS Management Review · Internal Audit
Version history
| Version | Date | Description | Author | Approved by |
|---|---|---|---|---|
| 1.0 | June 13, 2026 | Initial board & independent oversight charter. | Cameron Wolfe | Ishan Jadhwani |
| 1.1 | June 16, 2026 | Retitled “Independent Oversight Charter”; clarified that Neuroscale is member-managed with no board and that the board-document Vanta slots are evidenced by the Executive Management Ethical Survey. Oversight design unchanged. | Cameron Wolfe | Ishan Jadhwani |