Taking an active role in the Company’s strategic direction, the Board continually educates itself on the Company’s products, markets, customers, competition and culture. The Board assesses risk, evaluates management’s performance, plans for successors and provides overall guidance and direction to the Company.

Risk Oversight

Our Board is responsible for risk oversight. A fundamental part of risk oversight is understanding the risks that we face, the steps management is taking to manage those risks, and assessing our appetite for risk. Risk management systems, including our internal auditing procedures, internal control over financial reporting, and corporate compliance programs, are designed in part to inform management about our material risks.

Our Board receives regular reports from management on matters relating to strategic and operational initiatives, financial performance and legal developments, including the related enterprise- risk exposures. The involvement of the Board in the oversight of our strategic planning process is a key part of its assessment of the risks inherent in our corporate strategy.

Each year, the Board also reviews an enterprise risk management report compiled by business leaders who have assessed risks throughout the business over a three-year horizon, focusing on financial risk, legal/compliance risk and operational/strategic risk. The report details the Company’s top 10 risks, as well as mitigating actions and plans relating to those risks. Underscoring the Board’s and management’s focus on enterprise risk are the individual performance objectives of the executive leadership team, which are again aligned with the Company’s top enterprise risks, as identified in the enterprise risk management report.

While the Board has overall responsibility for risk oversight, each of the three standing committees of the Board regularly assesses risk in connection with executing their responsibilities.

• The Audit and Finance Committee focuses on cybersecurity risk, as well as financial risk, including internal controls. The Committee receives regular reports on cybersecurity, as well as an annual risk assessment report from the Company’s internal auditors.

• The Compensation Committee oversees risk relating to compensation. Its independent compensation consultant conducts a risk assessment of our executive compensation programs, and members of our internal legal, human resources and sales operations departments evaluate our other compensation programs to assess risk. These results are presented to the Compensation Committee annually.

• The Nominating and Governance Committee oversees all of our governance processes and attendant risks.

ESG Oversight

The Board recognizes the connection between ESG topics and risk mitigation, financial performance and shareholder return. The Board’s Nominating and Corporate Governance Committee oversees the Company’s reporting on ESG. Furthermore, a steering committee of senior members of management has been tasked with monitoring and reporting on key ESG topics, and drafting an annual sustainability report.